Zoek.exe v5.0.0.0 Updated 13-March-2015 Tool run by Guy on za 14/03/2015 at 13:08:39,11. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Guy\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 14/03/2015 13:11:04 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\Elex-tech deleted successfully C:\Users\Guy\AppData\Roaming\DiskDefrag deleted successfully C:\Users\Guy\AppData\Roaming\dvdcss deleted successfully C:\Users\Guy\AppData\Roaming\Elex-tech deleted successfully C:\Users\Guy\AppData\Local\Axialis deleted successfully C:\Users\Guy\AppData\Local\CrashDumps deleted successfully C:\Users\Guy\AppData\Local\DriverToolkit deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1006BB12-5FB1-4405-BDC9-80FEF3B3481} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10BB03A0-61BD-4821-8946-6DAB4B11BB65} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{125CD1E9-EB47-4179-84D6-66D8B8FA9F72} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16315D3F-B00F-47DA-A67F-583D15F257F} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16A06614-A16F-4CC9-8FC7-16EE5EE6E0BA} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16A92AA7-7BDF-4D43-89CD-A0ED992B6122} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{194438FD-F4AB-40BE-9E98-D01B456ACDCA} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{199B4FE8-E559-43F8-BF2F-29F08BDD1BE4} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AF73D84-3A94-4865-9433-27498B2B7B8} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B2AF010-526D-4C00-9F92-2BB2F4E74F73} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20FC1126-C826-4057-B18A-40102F41FF} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21066E9C-1ED0-407B-A57C-9D0E695DF9C} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{211B1564-BE44-4760-BFE4-306FA4D0A647} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2294D887-3763-401D-8034-68EB335F6566} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22DCC393-FD1C-4C7B-9DDF-80F27D4F6CBF} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23CDCCCD-FAB6-4BE2-8160-29D47C89C} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2415649C-EF1B-4BBA-AD51-AD81E8957B8} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{256F5BC2-A91E-43C7-BFD1-40B27C8B1BD2} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25CFC925-904C-4E35-A950-AFEC6C6B5DD4} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25E8BFBC-D49A-453B-82E2-57EBC57EAC74} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2870F3B0-ECB2-47AF-9044-7F144DBC87E4} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E4E347B-8B62-46BA-9CE0-3BE3DDB6384E} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E5C4934-FA3E-492B-8794-B723698981A9} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32114339-1F7-45D4-82B6-AD101476AC63} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{321D97E5-8C1F-4488-9053-DD9E8249899} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32480BBE-1159-4EED-9BE8-AB2AB2AB4D8E} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3588CFF9-FCC7-4361-9863-B1C3F0F862A} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35934933-B678-4B42-B5D-2D11DAB7D76E} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35953B1D-5328-4BD8-B054-179453D7B6F9} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{375B5DF2-2D0C-4F43-9015-20CF25EB90D2} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37BB4481-D70A-4C44-8C18-7523E7E2F719} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3875E161-6BF3-4835-A38F-8EA87275BB1C} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A5DD641-4400-47D2-9EE4-95E76B70D553} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B0BB36F-C17F-4CCF-9327-B9558FF340E3} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BE15302-4697-4919-B9F0-BD9162C2C4} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CE7496B-9B1F-4AA3-9FE5-368229CC161B} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F042538-50B2-42C7-B7F2-2C9CB1AB3CCD} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41F99053-5264-45F5-B4A-19DCAA3378B9} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41FE1F98-AE83-466D-82A3-50FA7C346388} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43B9F10D-85D4-4A25-B2A2-C2E4C02745D} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43DDC02-BA20-4105-AC4C-12BFF3437ABE} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{442D135-7417-4452-B4CB-A17E2DBFEEE} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B6667F1-97F6-452E-8718-584753CF763A} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52E55419-9CCF-499D-82D9-3F7C8CEC6B79} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{553AB991-7152-4AFE-AA9B-77533EBC70E3} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55B64597-8CA9-422A-90F9-BEB5D5618F7} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{584E884D-F021-414C-A619-3559C33B3B8F} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59D4B030-48EF-4CB2-A013-492AA8D71EBB} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A051F18-A753-46AA-B875-3566D46ADA2} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C2876AC-2AF6-4734-B4C5-22B635A41B7B} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C4AD8E7-E8FE-4B68-833C-D5FA65D9E05} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E3EA4CC-A708-4CA3-A5AB-209CEE8AAB6E} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62A02E65-957D-45E3-91A9-C6A174D7BFD0} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{660FD342-D35D-473E-8D6-E216274C93DE} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68A3A6A3-14FE-49A0-BFEE-17A030F698D9} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68FA88FC-864A-40D8-BB6E-E334848884} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{693F2FDD-1580-4021-9ECC-3FB93C3EC813} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A5F1074-FF7C-42E7-96B-1145C14189CD} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A794513-720E-495F-878A-E692D8EE9F5} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B882D6-A6D3-4CC2-A790-A9A8E44C655} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BF688EE-8A5B-4935-B195-74695071BD12} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C68D201-AD0D-47B3-BD1B-FE9A81DDB9A5} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F23BA74-7065-4FED-92F4-31D7E9D86957} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F997F4E-A14C-4468-9E3B-D34F4A1615ED} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71F6E4B3-4CC6-4831-857F-58434AF85A53} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73E00566-41E8-42A3-B55C-5374C83882F4} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E856C5-C707-4E22-90C9-D71B3A9F7F38} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{783633F-65F8-4F4E-AB8D-81EBCE8B1B44} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CC02FEB-7ECE-4505-86EB-B066AF149EC1} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CC77CA6-DDF6-40C3-8651-BD1414DAFED7} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E708D81-9E-4770-8A6C-58FA3DE53BEC} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8038B8CE-CBDE-4570-822B-3168196BD660} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82505634-96A6-4617-B41B-DAE3B4BDBA73} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{835E19AA-C0CE-4599-B7B7-EAC579F6CE9A} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83D5D8B0-3889-43AA-AE7C-C23EC0E1A62} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85FC4D87-FC0A-42FD-B9B7-ABF461C7B198} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{898B5897-CE5E-4E34-8810-A2B39C6796B6} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8ADD6879-35ED-4CF0-9EB7-C12A2543202B} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B0DC7F4-E587-4E55-B377-78C18A383DC2} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BD39FC5-B3A8-4D52-B928-5E57E84B7CB} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8c3f6e3f-8aea-4cda-b28b-1c8c2d3174eb} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C5724C4-1777-4A80-8354-C6F29877BC85} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C9BF4E4-953A-4DED-A2E9-282779A3FC64} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DB5112F-D626-490F-8CE-382E1035E761} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9059831C-AB42-456E-8890-778D6C93EDF2} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9102B850-1115-4BC3-A8A-20858EAD89A1} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9249415C-E39E-4CEB-ADCF-5F8AAC1271A7} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{939CE382-29BD-485D-BD42-2516D9993DC1} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94842834-9A9-4245-ADD4-ADB6CCB6B67} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94D17E79-3D66-4766-B138-AD79AC629A} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9507F6DB-8971-46F1-A8DD-DE326512AFBD} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9759F7A0-E01E-4B99-98E8-6D145EF7F746} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{985872A9-61F0-4ABA-BA2C-D4D89AC3E87B} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A6A74CA-7B4F-41DC-8A30-84F3CE72ED43} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D8F5C1D-B71F-4AE3-A7B9-E7B27E78A254} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DE5F4C7-F15E-4A00-AD44-47E2832B14EC} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2317F43-1B9F-4A07-9FF0-7066BC91B1B} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a2335c70-32d2-4fbc-8edb-0c60b42a4289} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A58855CE-6324-4085-8FC7-10E95BF3EBDA} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A719BF42-D60E-448C-BF63-33A8B4F195ED} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7E508AE-E682-47D4-9311-75D6633DE4B} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8BB2D67-E0CB-46EF-B385-1845393F68E} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8BDE060-6189-4B0A-B2FC-59C8A685F1D7} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A913B270-F0A6-4DDF-B093-DB3D5540F07C} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A96FD0A4-1D0D-4E9B-B163-DC8F8ADD3E45} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAE46D92-4C13-4433-AB1B-2CF2E2FABC54} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB025A10-7005-4BFF-8035-862E31D58687} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB028740-1D1C-4326-93BB-298DA597F1BC} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB41F6FE-F0E1-4FA8-A296-2830D081679A} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC35EA48-987B-4B04-B34F-4A1EF0E34DD5} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACFEF0B2-8289-45D2-AF8-DF81CDC02AE2} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD1CF913-255A-4392-8E2A-92233834DF75} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE4FE8C6-8F51-4A72-B93F-27E3774B1210} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B02C55F1-84B3-498A-AC8C-2F899A3BD72} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B093547D-4F5A-4503-AA59-76B160DBABDC} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B42332CE-2AA0-4D17-8886-318DAA30AF45} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4BA6981-B39-40E4-B9CA-8C59755C4AD3} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4EC6696-5C7F-4131-9436-9CF1BB5A2} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB461F41-2A57-48F6-90BB-8A5155DDBE63} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBC7B480-329C-4A85-9779-9960587FD55E} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDEEF5BD-946E-4D93-8477-547B779DD39} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEA5F883-A67B-4AA3-9377-2F85B217EC5} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF79C02E-F419-40D7-B6FD-6BB851789988} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C08D76B3-8CEE-4400-84B4-268A2EB1E42} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C131CD82-DA5C-4227-977B-E545CB345DA4} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2AA4B8F-76B5-488A-B420-8A5FDEA5C55D} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3E047E9-E066-4EBA-AAEB-5A3C53F3D1} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C44CA8C2-6CEC-4B78-8752-43892EFDA473} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4A5DFD-8064-45FD-922F-383B2A255172} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C54761DD-2705-4B66-BD79-667CAA72492B} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C588E5C4-3C82-4229-BE38-B6F1AB24A373} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7A60F67-61C7-4F32-A82E-4D6E468A764C} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C903FB4D-5AD-4CC3-AD3-5BB77C858F1} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9ADDEEB-31B5-4544-9BF9-BC88D888DCB0} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAFCCB29-D6B7-4F77-A151-E2C188A9F8DC} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB90882B-B521-4BDE-A895-973737C237B6} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC76CCC0-C6C9-4CE9-A6C5-3964D0CDE56F} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC885166-71AD-432C-B897-E426CB477910} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD9ED434-9126-42C8-8743-F4190C2DD33} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE1081AF-C5A9-4BE8-8345-AD42F29BA695} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFAE8DED-BFDD-462A-B3E7-209DE5FDE162} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D28CA11A-E9C9-4A7E-9C58-109F1321375} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2B31C37-3E74-4C1B-94AF-AB5711B0F1F4} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2E29CB9-7E2F-4B31-A4B0-5327585424A7} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D338AE8-6E5C-429D-A556-117CFB6FAB78} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3AE56E3-91C4-40DA-97CA-33B5BF5231B6} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D43B44A6-A06D-4EDF-82EA-2570FC7EDFB0} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D58E7852-DB77-4704-AB5-3DD0ECDBEDD2} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D754EB0B-3D41-409B-8B5A-BF45AF99B9DC} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8EE2C36-7033-45B9-9C56-18B039A69838} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB2F4C31-25ED-4124-8185-C1812766EAB0} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBD51DD6-3F50-4370-90F7-D07796CBD5} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE740A92-ED51-4F72-8D77-7EB6136EBA25} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E325EFBD-3853-4817-9E7E-76E15EB9E52} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e766371e-b0bc-427e-aeb4-dedf8c8b1aa9} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7871B79-1B41-4ED8-B4FF-ECF97296191} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E81ECF7E-B807-459C-A3D7-D1AD196415E5} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E98683D4-2F80-446D-A2D0-DE5B2218AC87} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA3B0337-8B37-4CDC-AF9B-7CF59B806D6C} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA868DAE-E727-4377-B410-FC2AF5EFB14} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBC4BA1B-4B86-4C9E-A62-504C3CB5CA8} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBFB84C-D914-4BED-B076-428DE11931AA} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF85BE50-A955-4D09-92C-A22980D5BD48} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1604E33-E64-4466-8E3B-0C2E8C4A4DA} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F211CC36-4CE9-4F97-A6F7-CA3DCBB25A74} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2194694-51F-4EEC-934D-7CBD9E8CBFDF} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3C118EE-D021-4856-9E9-5394BDA2DB5F} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3FD3633-7DC2-4BFF-A9C7-E8689DB6B198} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F63EA704-A7FA-4903-B094-FE82C8BED3CF} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f6bc574d-bd35-480d-bdcf-716d4ec13fe4} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6DF74A7-4850-4E6D-AE27-2B5432B6F26A} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6F16A31-75C-4D15-87B1-515E87C0139C} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7BE20DC-ABF2-4B90-8F7C-128968A339C3} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7F1855D-389-4801-8630-2AD9F515BD95} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FCE309EF-C168-4F33-A237-25331C76E354} deleted successfully HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE371FF-DE97-48B0-B6AC-1B61CD7D2329} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8c3f6e3f-8aea-4cda-b28b-1c8c2d3174eb} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a2335c70-32d2-4fbc-8edb-0c60b42a4289} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e766371e-b0bc-427e-aeb4-dedf8c8b1aa9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f6bc574d-bd35-480d-bdcf-716d4ec13fe4} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ???? ??? Windows Live ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ???????? ?????????? Windows Live 7-Zip 9.20 Adobe Flash Player 16 ActiveX Adobe Flash Player 16 NPAPI Adobe Photoshop Lightroom 5 64-bit Adobe Reader XI (11.0.10) - Nederlands Alcor Micro USB Card Reader Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Ashampoo Burning Studio 12 v.12.0.3 Ashampoo Photo Optimizer 5 v.5.7.0 ASUS AI Recovery ASUS FancyStart ASUS LifeFrame3 ASUS Live Update ASUS Power4Gear Hybrid ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Video Magic ASUS Virtual Camera ASUS WebStorage ASUSDVD AsusVibe2.0 ATK Package Autorun Organizer version 1.30 Avast Free Antivirus BatteryBar (remove only) Belastingen 2014 versie 1.x Belgium e-ID middleware 4.0.7 (build 7445) Bonjour Box Edit Brother MFL-Pro Suite MFC-7860DW Canon Easy-WebPrint EX Canon IJ Scan Utility Canon MG2400 series MP Drivers Canon MG2400 series On-screen Manual Canon My Image Garden Canon My Image Garden Design Files Canon My Printer Canon Quick Menu CAS Studio 9.8.1 CCleaner CDBurnerXP ChromecastApp Control ActiveX de Windows Live Mesh para conexiones remotas Contr“le ActiveX Windows Live Mesh pour connexions … distance Controlo ActiveX do Windows Live Mesh para Liga‡äes Remotas CyberLink LabelPrint CyberLink MediaEspresso CyberLink Power2Go CyberLink PowerDirector D3DX10 Definition Update for Microsoft Office 2010 (KB2956207) 32-Bit Edition Dream Vacation Solitaire Driver Booster 2.2 Dropbox DVD Copy DVD Clone DVD Burn DVD Backup 1.03 Easy Phone Sync Elecard MPEG Player Emsisoft Anti-Malware ETDWare PS/2-X64 8.0.5.3_WHQL ExpressGateCloud Fast Boot Free MP4 to MP3 Converter 1.0 Fresco Logic USB3.0 Host Controller Galeria de Fotografias do Windows Live Galer¡a fotogr fica de Windows Live Galerie de photos Windows Live Game Park Console Gebruikersregistratie voor Canon MG2400 series GIMP 2.8.0 Glary Utilities PRO 5.19 Google Chrome Google Drive Google Toolbar for Internet Explorer Google Update Helper iCloud inSSIDer Intel(R) Control Center Intel(R) Processor Graphics Intel(R) Turbo Boost Technology Monitor iTunes Java 8 Update 40 Java Auto Updater Junk Mail filter update Lightshot-5.1.4.9 Malwarebytes Anti-Malware versie 2.0.3.1025 MediaMonkey 4.1 Mesh Runtime Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft ASP.NET MVC 4 Runtime Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Home and Student 2010 Microsoft Office Klik-en-Klaar 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD MioMore Desktop 7.50 Mozilla Firefox 36.0.1 (x86 nl) Mozilla Maintenance Service Mozilla Thunderbird 24.0 (x86 nl) MSVCRT MSVCRT_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Nuance PaperPort 12 Nuance PDF Reader Nuance PDF Viewer Plus NVIDIA-configuratiescherm 344.75 NVIDIA 3D Vision stuurprogramma 344.75 NVIDIA Grafisch stuurprogramma 344.75 NVIDIA Install Application NVIDIA Network Service NVIDIA Optimus Update 16.18.9 NVIDIA PhysX NVIDIA Stereoscopic 3D Driver NVIDIA Update Core PaperPort Image Printer 64-bit Picasa 3 Quick Startup 5.10.1.100 QuickTime 7 Raccolta foto di Windows Live Realtek High Definition Audio Driver Revo Uninstaller 1.95 S?????? f?t???af??? t?? Windows Live Scansoft PDF Professional Security Update for Microsoft Excel 2010 (KB2956142) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2883100) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2889839) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2956139) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Should I Remove It Skype Click to Call SkypeT 7.1 SlimCleaner SonicMaster Speccy Spotify Spybot - Search & Destroy SpywareBlaster 5.0 Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamViewer 8 TomTom HOME TomTom HOME Visual Studio Merge Modules TuneUp Utilities 2014 TuneUp Utilities 2014 (en-US) TuneUp Utilities Language Pack (nl-NL) Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB2920813) 32-Bit Edition Update for Microsoft Office 2010 (KB2956141) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2956203) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2878283) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition USB2.0 UVC 2M WebCam VirtualDJ 8 VirtualDJ Home FREE VLC media player Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinFlash WinRAR 5.00 (64-bit) Wireless Console 3 ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Users\Guy\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Guy\AppData\Roaming\Mozilla\Firefox\Profiles\36q4e1br.default-1367777822496 user.js not found ---- Lines belgiumeid@eid.belgium.be removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-profile\":{\"belgiumeid@eid.belgium.be\":{\"d\":\"C:\\\\Users\\\\Guy\\\\AppData\\\\Roaming\\\\Mozilla\\\\Fire ---- FireFox user.js and prefs.js backups ---- prefs_20151403_1400_.backup ProfilePath: C:\Users\Guy\AppData\Roaming\Thunderbird\Profiles\u5819eqj.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20151403_1400_.backup ProfilePath: C:\Users\Guy\AppData\Roaming\TomTom\HOME\Profiles\ovc1j5wf.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20151403_1400_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AGEIA Technologies not found C:\PROGRA~2\Elex-tech not found C:\PROGRA~2\Skillbrains deleted C:\Users\Guy\AppData\Roaming\SpeedyPC Software deleted C:\Users\Guy\AppData\Local\updater.log deleted C:\Users\Guy\AppData\Local\Skillbrains deleted C:\Users\Guy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot deleted C:\Users\Guy\Downloads\SoftonicDownloader_voor_iobit-uninstaller.exe deleted C:\windows\SysNative\tasks\update-S-1-5-21-2165435700-71866061-3969913833-1001 deleted C:\windows\SysNative\tasks\update-sys deleted C:\Windows\tasks\update-S-1-5-21-2165435700-71866061-3969913833-1001.job deleted C:\Windows\tasks\update-sys.job deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\shoEEF.tmp deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\PROGRA~2\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be deleted "C:\Users\Guy\AppData\Roaming\WXC" deleted "C:\Users\Guy\AppData\Roaming\Mozilla\Firefox\Profiles\36q4e1br.default-1367777822496\extensions\belgiumeid@eid.belgium.be.xpi" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 6055 MB CPU Info: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz CPU Speed: 2510,1 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000 | NVIDIA GeForce GT 630M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A DS8A5SH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 196,3GB | D: 244,5GB Hard Disks - Free: C: 14,9GB | D: 242,6GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 11/30/11 | _ASUS_ - 6222004 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer Inc. N73SM Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Emsisoft Anti-Malware On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Spybot - Search and Destroy disabled (Outdated) Anti-Spyware: Emsisoft Anti-Malware disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Firefox 36.0.1 Internet Explorer Version: 11.0.9600.17691 Mozilla Firefox version: 36.0.1 (x86 nl) Google Chrome version: 39.0.2171.95 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_40 (32-bit) Sun Java version: 1.8.0_40 (64-bit) Flash Player version: 16.0.0.305 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Guy\AppData\Local\Temp ==== 2015-03-13 14:37:58 F78940628EB76AB6E654C19EE33F2F89 24743106 ----a-w- C:\Users\Guy\AppData\Local\Temp\vlc-2.1.5-win32.exe 2015-03-13 12:43:33 057631047016A448B842B96E872B132B 43008 ----a-w- C:\Users\Guy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprexwsr.dll 2015-03-06 11:33:11 BBCDDF0F311A2635D95FB07C1E9CCD96 298096 ----a-w- C:\Users\Guy\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe ====== Java Cache ===== 2015-03-13 08:40:59 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-6ca51f2d 2015-03-13 08:40:51 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6a083514 2015-03-13 08:40:52 E1C64093DD56585C52398F461F4B976F 424 ----a-w- C:\Users\Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2015-03-13 08:40:50 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-4e756518 2015-03-13 08:40:52 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Guy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-1b8e4643 ====== C:\Windows\SysWOW64 ===== 2015-03-13 08:39:39 7A76F83B4DCA86B5DB17D43A5820CF40 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-03-11 09:22:16 D5063B86DC3F85B93D02AF68099F4C9A 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-03-11 09:22:15 C7D334A01C66BF07B92D04CD7A981B7F 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 09:22:15 B06A4105DD22E91A1D922D7310803140 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 09:22:15 84974782ED5D108DA2EFAF3C6534A760 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-03-11 09:22:15 7A71DA6D6F75AB73475128F787DD8EAD 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 09:22:15 69925A266D265DAD96C6FCBB861FA5CD 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-03-11 09:22:15 5E76C26CAE2810EA71C161ED9A2CF0D1 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-03-11 09:22:15 4E15E2D20AE755FDEACD96F359F732DB 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-03-11 09:22:15 30F5B3E28636009A0B194057AAE4392A 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-03-11 09:22:15 04934912B1317F2F8816208067A32B96 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-03-11 09:22:14 ACD0CA819E279E1C17BE5C8A077EF448 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-03-11 09:22:14 7407DDA27838C393DE67A0BDCDD044D0 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-03-11 09:22:14 0485899A035E02C53014C0545D912405 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-03-11 09:22:10 965D6A2B30A95A9F7EF13653988D3D9F 299008 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2015-03-11 09:22:09 ABB358777FDF4AF51B2FE26137D2B8D4 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2015-03-11 09:22:09 55273844B66D77A2F1A2213C17A9EA4A 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2015-03-11 09:22:09 274F0540FD4C88FC845C94CA1569688A 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2015-03-11 09:22:09 01D9C9A70323BC7E5835B92442DD7EC2 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2015-03-11 09:22:08 FDF0B4DC83627A859D18EE439B8E5A26 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 09:22:08 B8445B89D0EA5C2575C98EA7BD180C5C 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-03-11 09:22:07 6108ED659B5962DE73DACB3B04D86ED3 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 09:22:07 00F39165D6D14302618C20CDD7BB213A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 09:22:05 B35C35C55FED3DD7F995C77F63CBC29B 1311232 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-03-11 09:22:05 AD1BA932AC31D2BC8C9105DA59BEA6BE 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 09:22:05 AD13E719AE506AA0E0BB5D49E0D5B44A 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 09:22:05 95CB6079B3E62D4301958023C2070A48 19720192 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-03-11 09:22:05 8FDE1162C9DCF7B180AA702DD9EB6071 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 09:22:05 29EDBC5C381F1406A5262351E69BC87A 342696 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 09:22:04 08B30EB9751858C1C369E8775492D732 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 09:22:03 F5F730ED126DCFBEBDB9BB629BD482C4 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 09:22:03 BD838E2129623E8311720AA86C5DFBBF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-03-11 09:22:03 A41C85FDB2275FA9AAA821A118807FDB 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 09:22:03 A34897A1A39316BDECCA3E61986F98F2 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 09:22:03 52B4DECDC70B8758380D37EA2CDD4254 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-03-11 09:22:02 E868396BC5F8957A9E39BD9A28EA814D 12827648 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-03-11 09:22:02 BA10D970EB39913357B224F4473D535B 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 09:22:02 AC35DA94A14679E8E515A44A8CF90804 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-03-11 09:22:02 988AB676FBF4484508BA134CAAB711EB 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 09:22:02 756B4F77945C61ADBE68150D7D2EC7A6 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 09:21:59 FC5FE9F2D140435FC95CB3EF6724EF0A 4300288 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-03-11 09:21:59 EA6EA6912F27F05C61D8D747517EB47E 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-03-11 09:21:59 BC9CE46C3F05CCC40F8F1EFC7E4B41C7 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-03-11 09:21:59 02C0770DA3BE9231EFAF7185EE51020C 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 09:21:58 B0B83B31853E15C619FDB91B64F8349A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-03-11 09:21:48 003C51B9FE38287BA4E0E58D3AE080BD 744960 ----a-w- C:\Windows\SysWOW64\blackbox.dll 2015-03-11 09:21:47 DCC148408770F2D55B201F8FC26438A1 988160 ----a-w- C:\Windows\SysWOW64\drmv2clt.dll 2015-03-11 09:21:45 833FCABCB5D95B1911BA6E62FC82AC04 617984 ----a-w- C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-11 09:21:45 5B0C6247027FCF5A2E2F150E298D2FFA 3209728 ----a-w- C:\Windows\SysWOW64\mf.dll 2015-03-11 09:21:44 B378B6A865C28CE5C1E23C35760A1199 11411968 ----a-w- C:\Windows\SysWOW64\wmp.dll 2015-03-11 09:21:41 BB73C907D1BD437B6C30F2C23BB089FC 406016 ----a-w- C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-11 09:21:41 74264B7F57A16D25CB581C07964D324A 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2015-03-11 09:21:40 6C2D4DC5D2E271F4AE4016FD4587B0B2 3973048 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-11 09:21:40 2CFE69A0A8AFDA8DB9A773D728000BB7 3917760 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-11 09:21:39 96DB6A923DEDB58FC7CBBF5CFF73314D 1329664 ----a-w- C:\Windows\SysWOW64\quartz.dll 2015-03-11 09:21:39 2D4814D567E5A85C473228BA772A7AFB 489984 ----a-w- C:\Windows\SysWOW64\evr.dll 2015-03-11 09:21:38 C5667EE72D7364BE81516C0707FEF724 354816 ----a-w- C:\Windows\SysWOW64\mfplat.dll 2015-03-11 09:21:38 B7D2BB84C590F0AE9DA51DBB065A780E 1005056 ----a-w- C:\Windows\SysWOW64\cryptui.dll 2015-03-11 09:21:38 B54FD1991E659FD61EF1D34EC27AAECD 81408 ----a-w- C:\Windows\SysWOW64\cryptsp.dll 2015-03-11 09:21:36 98C1191C862B44567FCF3C18BAEE859E 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2015-03-11 09:21:35 D5EC42139D6A6158CF188975C50B6A60 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2015-03-11 09:21:35 3BAA4BAE71460C5CEB40D5E9339A61BC 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2015-03-11 09:21:35 320A8699369C43CF53B2DB4538D17C52 504320 ----a-w- C:\Windows\SysWOW64\msscp.dll 2015-03-11 09:21:34 70E96EBE87A38857619671FCB9C8EC7B 265216 ----a-w- C:\Windows\SysWOW64\msnetobj.dll 2015-03-11 09:21:34 49474B3E37969AF4B5C076F42B623AFF 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2015-03-11 09:21:33 2D21189858856316D55EAD55DF4964C2 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll 2015-03-11 09:21:32 E0AB9CA912398BE1AAD14FF7AD75C397 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll 2015-03-11 09:21:32 AF47EAA4ADDA9AA221FB7647EE22BF53 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll 2015-03-11 09:21:32 A56F4029FDCF4F817E78953CDA953E28 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-11 09:21:32 08FF727297A97907AADED4BA86CF44E9 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2015-03-11 09:21:31 A4A2EFB40015B76467F09E6DC388BC26 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-03-11 09:21:31 50B8937A81360D16A5C772302BD32CFE 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2015-03-11 09:21:31 49F4EE8DF752CFA159B99046CD1FDD2B 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 09:21:17 8B07DBA0D77346545C6359AC67DCB980 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll 2015-03-11 09:21:16 FCD5137A10C8943B34C9BE891C50159F 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 09:21:16 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 09:21:16 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 09:21:14 7C1CADCA0E674212412559B0EAD0919A 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2015-03-11 09:21:12 2F3CE58D8C276570EEB69C99CFBAFD58 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll 2015-03-11 09:20:41 B804EAA9E037580F96C22537C2ECB62A 171520 ----a-w- C:\Windows\SysWOW64\ubpm.dll 2015-03-11 09:20:38 340EECB781E6C06A6171B3068DA208AD 12875264 ----a-w- C:\Windows\SysWOW64\shell32.dll 2015-03-11 09:20:36 84B460BB65567ED42DD605FA044DB370 828928 ----a-w- C:\Windows\SysWOW64\msctf.dll 2015-03-11 09:20:35 5F3628DCF926C4499BE1DC74431DFBC8 1230848 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 09:20:31 9566C8BBD2271A7962D4432A624762AD 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-03-11 09:22:16 DB2904A4CEBC39DF8892A613BEC71512 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-03-11 09:22:16 3807605BDA83C0DA729A5219CEBB9041 341504 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-03-11 09:22:15 FB95F6E11AAD62F24C2DB01E6E9D7BE7 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-03-11 09:22:15 E1404987DCD392AF9D67F6A26CE21175 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-03-11 09:22:15 B6C7729936AAF8E0697F0A7DCA82CED8 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-03-11 09:22:15 9B644AC070576AAE701910874C241DBD 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-03-11 09:22:15 92F920EE9EAF7306B4AB8124D474AB52 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-03-11 09:22:15 7BC39275661EA7DEE54135AA26DF733E 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-03-11 09:22:15 65CF54B1D8CB1B085B6D8BC210E2C45F 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-03-11 09:22:15 6536829F6EA1149527728A210F493B79 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-03-11 09:22:15 54CD467B3A6DA02E9449DB7FB1830612 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-03-11 09:22:15 473BCBFFC55C9FE33D502035322E759D 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-03-11 09:22:15 28CC69865D5DC458EDDCEA35F01D71DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-03-11 09:22:15 1DB278E5834B08F9A184F953F2D31FF7 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-03-11 09:22:14 543553AD3E30CB261C8B436DF644F23E 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-03-11 09:22:14 378B175D0F0A1C38026F280BF6C8D0C6 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-03-11 09:22:10 F351B0E520502552734BE70AA5940784 41984 ----a-w- C:\Windows\Sysnative\lpk.dll 2015-03-11 09:22:10 A0DEE06D68F210CA090FD4D9A33CDC12 3204096 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-03-11 09:22:10 85D3E918658C2766780F7DEE5F8FBE57 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2015-03-11 09:22:10 1307814243F21EB129852D59B5AB37FB 372224 ----a-w- C:\Windows\Sysnative\atmfd.dll 2015-03-11 09:22:09 DB0BD8B8D68D8211CA23FBE52DACE549 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2015-03-11 09:22:09 39A108604F51821F6F4E2001E9A1CB60 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2015-03-11 09:22:08 2CA6A98547E799812489E5ADF2774D97 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-03-11 09:22:07 289581F0FDA6B93A0FAFE979486AD6FA 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-03-11 09:22:07 08892A4ED848386E6B901723C1EF611B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-03-11 09:22:06 7FA2B43D940DF41E46B8049B59AB6639 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-03-11 09:22:05 D3EA5B5E606EF17804B5BF565BEAD937 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-03-11 09:22:05 D2BF72C0A9E26BE91C1DEEACF7C430E0 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-03-11 09:22:03 F5E5E96E188934BAB22C0916C91F46B3 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-03-11 09:22:03 585B29EFB4954902FD53C4F8F9A0D39F 389800 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-03-11 09:22:03 501A38B72FA264605123B4FACF53F057 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-03-11 09:22:02 80B3AD73027A2CCD42C47EBF5C89124F 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-03-11 09:22:02 5443F21A33DB376734DBE47F7635542C 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-03-11 09:22:02 132862B0FC4A1B7CB45C274DE169DBB2 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-03-11 09:22:01 D0767EA3A59FA70C7ACF59EE0C8CD42A 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-03-11 09:22:01 9E9B757A677927110393A505822D9174 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-03-11 09:22:00 62269DEFF17AB006217330A24EA8577B 2886144 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-03-11 09:22:00 22C4867C690C38B18B2C1A0B072CD0C4 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-03-11 09:21:59 A1264D16AF506125C974775C833A063C 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-03-11 09:21:59 1EC0BF321D3B14D02B9A8BAC134570F4 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-03-11 09:21:58 76B53D2150284E138B46410EA54967FA 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-03-11 09:21:57 FB8C4EE9889790466A0174923410649E 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-03-11 09:21:57 D373113A84C12BA7F07CE1E9CAF4747F 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-03-11 09:21:57 2335F6BF8A127E31EB0E2D9A82F188A0 14398976 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-03-11 09:21:56 A9190899A35431CF8ABBEF5E1BB0C8F9 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-03-11 09:21:56 4870B24EA7D4EEF5E1C4675AC47796B8 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-03-11 09:21:56 40DF85D8B2B0171EF5F23AA1B5CD9A62 6035456 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-03-11 09:21:55 687E11F36832BFF65EF0CD2FA3DB1966 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-03-11 09:21:55 667229C8F194D619D12F05943D7F61F0 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-03-11 09:21:55 36F99BD8A0F09BDBB7850A138845A014 2358784 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-03-11 09:21:55 1C393E42928BF55B3796E732B678CD5B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-03-11 09:21:54 1193400D8E29A5A010135FB09A4EB1E8 25021440 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-03-11 09:21:48 DF6104DCED89E13A78BA5539CEF5100A 1202176 ----a-w- C:\Windows\Sysnative\drmv2clt.dll 2015-03-11 09:21:48 A53A63831185FF5339E76221BE45E6B9 842240 ----a-w- C:\Windows\Sysnative\blackbox.dll 2015-03-11 09:21:46 BD311BB00DD0D656C091AC8888C2369D 14632960 ----a-w- C:\Windows\Sysnative\wmp.dll 2015-03-11 09:21:45 7F4D59E70DD6E757E96B40570B498D5C 782848 ----a-w- C:\Windows\Sysnative\wmdrmsdk.dll 2015-03-11 09:21:44 FDA5F186596288F0B9ECE9DC7A5AA868 5554104 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-03-11 09:21:43 B2F02AB28864B6D5B5B9BEDA565D41BB 497664 ----a-w- C:\Windows\Sysnative\drmmgrtn.dll 2015-03-11 09:21:42 3FECBED0EACABD22E024EF4E50CF987B 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll 2015-03-11 09:21:41 8DFDB70E3E56C2F1AE09CB3C03E266E5 1574400 ----a-w- C:\Windows\Sysnative\quartz.dll 2015-03-11 09:21:40 5FFEE6CA63E27CBA1F32002743E58F3C 631808 ----a-w- C:\Windows\Sysnative\evr.dll 2015-03-11 09:21:40 410F6B1BE785F3630B4782F8E3D85A24 1069056 ----a-w- C:\Windows\Sysnative\cryptui.dll 2015-03-11 09:21:39 73D81B5B4B2655CB1B5662E770F755D5 532176 ----a-w- C:\Windows\Sysnative\winresume.exe 2015-03-11 09:21:39 6AEEC5677AD522786CED371A7BEE620C 616360 ----a-w- C:\Windows\Sysnative\winresume.efi 2015-03-11 09:21:39 0BC72EA80234382701EAFC1BE0ECD7E4 432128 ----a-w- C:\Windows\Sysnative\mfplat.dll 2015-03-11 09:21:38 DB2D62AA2DF6B1F3D690A9EC9701AA2C 188416 ----a-w- C:\Windows\Sysnative\pcasvc.dll 2015-03-11 09:21:38 94BC902494AFC9F5EBC5FBB61445D73F 82432 ----a-w- C:\Windows\Sysnative\cryptsp.dll 2015-03-11 09:21:37 F88B4A9EA1A956F09D5001D08B546228 641024 ----a-w- C:\Windows\Sysnative\msscp.dll 2015-03-11 09:21:37 29143C7827F9F2AC543E792A8C63FBB0 4121600 ----a-w- C:\Windows\Sysnative\mf.dll 2015-03-11 09:21:36 B7E752FFD95DC61FCB7A6E70E37175E5 693176 ----a-w- C:\Windows\Sysnative\winload.efi 2015-03-11 09:21:36 AE66D26930CA536706078537CB5AC840 325632 ----a-w- C:\Windows\Sysnative\msnetobj.dll 2015-03-11 09:21:36 999A7FD4D9F8B1656F1167D94743E50A 457400 ----a-w- C:\Windows\Sysnative\ci.dll 2015-03-11 09:21:36 7A4064169FBA91F39DB1FDC094A18DA8 619056 ----a-w- C:\Windows\Sysnative\winload.exe 2015-03-11 09:21:36 72D4757510FDA69D729169C00AFC211E 32256 ----a-w- C:\Windows\Sysnative\appidsvc.dll 2015-03-11 09:21:35 93C7D1C3941086162B433107D9E8BCE3 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-03-11 09:21:35 7BC64DEEFD0E6812E21DE89F0CF50A49 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll 2015-03-11 09:21:35 6E974F1C384615DEB0710E44F4847351 126464 ----a-w- C:\Windows\Sysnative\audiodg.exe 2015-03-11 09:21:35 6968D02DC38757C3FBE7ED7C2F9670AA 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2015-03-11 09:21:35 577D0B947B49DB83E2054FA169B2ECBF 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2015-03-11 09:21:35 483221CC1AAC288368292899E32B6B9B 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-03-11 09:21:35 1BE9877B199184D7657BC4CFCB7B4A99 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2015-03-11 09:21:34 C0AE7ABD87254B2789C8CB34AF274A65 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2015-03-11 09:21:34 3029D8E78E4BF18A0551E22CD4CB892C 371712 ----a-w- C:\Windows\Sysnative\qdvd.dll 2015-03-11 09:21:34 1CD76A83B9E8E9A5A3519B39E28354D9 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2015-03-11 09:21:33 CBE684883A45E5B047DA6B4AC46C2112 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe 2015-03-11 09:21:33 3A7BC2DC99D3C5B172465E890B3C3B14 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll 2015-03-11 09:21:33 27793FE3FF2D0123896D1A01A2D222C7 37376 ----a-w- C:\Windows\Sysnative\pcadm.dll 2015-03-11 09:21:32 A84C94CF795E08BBB99E4E145F9E81A3 11264 ----a-w- C:\Windows\Sysnative\pcawrk.exe 2015-03-11 09:21:32 947938F265D7CB99653CDFF2B3C0468D 206848 ----a-w- C:\Windows\Sysnative\mfps.dll 2015-03-11 09:21:32 84DB8EB3C184BB549ED90A842020F278 58880 ----a-w- C:\Windows\Sysnative\appidapi.dll 2015-03-11 09:21:32 63D3C30B497347495B8EA78A38188969 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-03-11 09:21:32 589852B65C91F574E980ABDB8205080A 146944 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe 2015-03-11 09:21:32 0F79883E27BB1AFE2D9BB4656A1CEFCD 11264 ----a-w- C:\Windows\Sysnative\msmmsp.dll 2015-03-11 09:21:31 ED6BF1E1C4F40F600DFEC0CB101A1789 9728 ----a-w- C:\Windows\Sysnative\pcalua.exe 2015-03-11 09:21:31 C4937B9D6EF4D309A60054D4D00EE9DB 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll 2015-03-11 09:21:31 BE7DA70C9F4A97CCA9ED78B70BCFC9AC 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-03-11 09:21:31 56FD1BC602EE0E7949F92EE2EE327B72 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll 2015-03-11 09:21:31 29088A5723C81BF75AD909AAB6A91610 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-03-11 09:21:31 00EE5D3E16D42F25F7813ACFA10EC803 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe 2015-03-11 09:21:29 EA285B947EE48103697CDA53D76C9EEC 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe 2015-03-11 09:21:18 F43B09E257121ADC501ABE9367FAA850 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll 2015-03-11 09:21:17 D3F1F9C784BCCDF2C880669D69FC1970 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll 2015-03-11 09:21:16 FE03B35A22C3D2714B494FC2AB32AC5B 8704 ----a-w- C:\Windows\Sysnative\pcaevts.dll 2015-03-11 09:21:16 DBCD54B841F2B216B2F0F86E18205C22 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-03-11 09:21:16 D3F1F9C784BCCDF2C880669D69FC1970 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx 2015-03-11 09:21:14 77D49942BD5DC97723ABC8A6D2757B6E 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2015-03-11 09:21:12 8364A0F7633414DC5C50A37295B1FAFF 2048 ----a-w- C:\Windows\Sysnative\mferror.dll 2015-03-11 09:20:41 1FB81632476857E8451DDA8A456EF3CE 215552 ----a-w- C:\Windows\Sysnative\ubpm.dll 2015-03-11 09:20:39 01F9FEB7F0C84EA1AC6A9B4D7C6B0435 14177280 ----a-w- C:\Windows\Sysnative\shell32.dll 2015-03-11 09:20:37 E88A78273D429554B6B2D2BDA945ED9B 1067520 ----a-w- C:\Windows\Sysnative\msctf.dll 2015-03-11 09:20:35 0A4D03A4C0F908B15B8A4C48FB18F197 1424896 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2015-03-11 09:20:33 B5CBA15C9DEDBE914D24AA1494A82DF5 3179520 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2015-03-11 09:20:33 15C3986C015EA186BCB4E6096528D656 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll 2015-03-11 09:20:32 CBA2694BFC61F371181F2BE2BCD66C40 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll 2015-03-11 09:20:32 35308B0F821CE1E8EDC2FAB96F3073F3 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll ====== C:\Windows\Sysnative\drivers ===== 2015-03-11 09:22:16 8BA90F480705D7153AD0060CCA62222A 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-03-11 09:22:16 56ED3EE5FED6BF2FC1305CF872042868 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-03-11 09:22:16 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-03-11 09:21:41 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2015-03-11 09:21:38 87BCD1034CBF33537D4D4C251D39BA26 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-03-11 09:21:35 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys ====== C:\Windows\Tasks ====== 2015-02-17 17:34:48 E7C9F02FC259E3763678B8F11416FF95 3818 ----a-w- C:\Windows\Sysnative\Tasks\Google Updater and Installer ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-13 08:45:12 -------- d-----w- C:\Program Files\trend micro 2015-03-10 10:06:40 -------- d-----w- C:\Program Files\BatteryBar 2015-02-25 13:44:39 -------- d-----w- C:\Program Files\iPod 2015-02-25 13:44:38 -------- d-----w- C:\Program Files\iTunes ======= C:\PROGRA~2 ===== 2015-03-13 08:39:48 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-02-25 14:05:57 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2015-02-25 14:05:56 -------- d-----r- C:\PROGRA~2\Skype 2015-02-25 13:44:39 -------- d-----w- C:\PROGRA~2\iTunes 2015-02-25 13:38:40 -------- d-----w- C:\PROGRA~2\QuickTime ======= C: ===== ====== C:\Users\Guy\AppData\Roaming ====== 2015-03-10 10:06:40 -------- d-----w- C:\Users\Guy\AppData\Roaming\BatteryBar 2015-03-02 15:32:14 -------- d-sh--w- C:\Users\Guy\AppData\Locallow\EmieUserList 2015-03-02 15:32:14 -------- d-sh--w- C:\Users\Guy\AppData\Locallow\EmieBrowserModeList 2015-03-02 15:32:11 -------- d-sh--w- C:\Users\Guy\AppData\Local\EmieUserList 2015-03-02 15:32:11 -------- d-sh--w- C:\Users\Guy\AppData\Local\EmieSiteList 2015-03-02 15:32:11 -------- d-sh--w- C:\Users\Guy\AppData\Local\EmieBrowserModeList 2015-02-25 14:06:09 -------- d-----w- C:\Users\Guy\AppData\Local\Skype 2015-02-25 14:06:04 -------- d-----w- C:\Users\Guy\AppData\Roaming\Skype 2015-02-25 13:42:35 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Apple Computer 2015-02-17 16:43:30 -------- d-----w- C:\Users\Guy\AppData\Locallow\Oracle 2015-02-15 10:43:52 -------- d-----w- C:\Users\Guy\AppData\Roaming\ChemTable Software 2015-02-15 09:07:49 AA7BEB9DE26B29FFEB0CBCFC68D431F2 53 ----a-w- C:\Users\Guy\AppData\Roaming\LogFile.txt ====== C:\Users\Guy ====== 2015-03-13 08:44:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Guy\Downloads\RSITx64.exe 2015-03-13 08:39:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-03-13 08:31:25 -------- d-----w- C:\ProgramData\Sun 2015-03-12 14:15:14 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\Users\Guy\Downloads\spsetup128.exe 2015-03-10 10:05:27 79A196BD7BBC377A65EA7CBB75FB92ED 1318648 ----a-w- C:\Users\Guy\Downloads\BatteryBarSetup-3.6.6.exe 2015-03-05 14:22:47 0C66EE8AA8A13B28CFD560B0A2CE14A6 203920 ----a-w- C:\Users\Guy\Downloads\VideostreamNetworkRepair(1).exe 2015-02-25 14:05:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-02-25 14:05:50 -------- d-----w- C:\ProgramData\Skype 2015-02-25 13:45:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-02-25 13:44:38 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-02-25 13:40:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-02-25 13:38:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-02-15 09:07:39 -------- d-----w- C:\ProgramData\SpeedyPC Software ====== C: exe-files == 2015-03-13 14:37:58 F78940628EB76AB6E654C19EE33F2F89 24743106 ----a-w- C:\Users\Guy\AppData\Local\Temp\vlc-2.1.5-win32.exe 2015-03-13 12:43:40 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Guy\Dropbox\.dropbox.cache\dropbox-upgrade-3.2.9.exe 2015-03-13 08:45:13 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Guy.exe 2015-03-13 08:44:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Guy\Downloads\RSITx64.exe 2015-03-13 08:41:31 4341B074B6CD87D1186E2F33215DAAEF 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2165435700-71866061-3969913833-1001\$ITSRFJ4.exe 2015-03-13 08:39:22 A07427A93E1133A7F0F4691CC54B9294 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-03-13 08:39:22 94017ABBDE345580542D8301793EFF7A 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-03-13 08:39:22 30E9397C2F0C8FF128219D6A25E172BB 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-03-13 08:39:16 F95C5163F6D8955BEF59A896C7F7112D 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\unpack200.exe 2015-03-13 08:39:16 DFB1F31DD4A08FA5892886DC7117064A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmid.exe 2015-03-13 08:39:16 AF28DAA2B4EB3AD87203202264A2491C 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\klist.exe 2015-03-13 08:39:16 A29B7A1BAD1A1EB608ACF7684F1F1E37 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\tnameserv.exe 2015-03-13 08:39:16 7833052815087E5BF9346AC78FDCED68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssvagent.exe 2015-03-13 08:39:16 751E8649890CC42727D80F8D6DE1F1CB 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\servertool.exe 2015-03-13 08:39:16 7162180C98D1BE5D1315FC05B3C91E9D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\pack200.exe 2015-03-13 08:39:16 689916BDF4F58C7F7AD25F8B3ABB783A 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmiregistry.exe 2015-03-13 08:39:16 32700B34EE49959FAF64EC46D96B3630 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\ktab.exe 2015-03-13 08:39:16 1FA2D0F07730F502A857BFC63DA6C193 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\kinit.exe 2015-03-13 08:39:16 0A9C7408BADBA5D2C841817C22ACBF07 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\policytool.exe 2015-03-13 08:39:16 08363434BEC1B0AE6420C77820BC12E9 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\orbd.exe 2015-03-13 08:39:16 042B789E469D238D5FA9DEC4241CE3FD 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\keytool.exe 2015-03-13 08:39:15 A07427A93E1133A7F0F4691CC54B9294 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaws.exe 2015-03-13 08:39:15 946FD6292EAE3FBB93CC3BB01BA8763D 76712 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2launcher.exe 2015-03-13 08:39:15 94017ABBDE345580542D8301793EFF7A 191400 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaw.exe 2015-03-13 08:39:15 79B6403F5BD398BB9880F00FAF7C69DA 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe 2015-03-13 08:39:15 6031BACB59D93E5ECB4ACDE6E12565EA 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jabswitch.exe 2015-03-13 08:39:15 3DB4CD42B36FD2C98E9B51E3CBC1670E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\jjs.exe 2015-03-13 08:39:15 30E9397C2F0C8FF128219D6A25E172BB 190888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\java.exe 2015-03-13 08:39:15 2794D464D89260B0316C16A9FE24C660 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\bin\java-rmi.exe 2015-03-13 08:22:26 45A11C9C96AB08DDEA7172C53452E447 561064 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2165435700-71866061-3969913833-1001\$RTSRFJ4.exe 2015-03-12 14:15:14 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\Users\Guy\Downloads\spsetup128.exe 2015-03-11 11:20:26 FD59F4408C01BB66040664D6A91556FA 132336 ----a-w- C:\Program Files\Speccy\uninst.exe 2015-03-11 11:18:12 E6C88560A1C00BD746C9D7D1D2113881 7088408 ----a-w- C:\Program Files\Speccy\Speccy64.exe 2015-03-11 11:18:08 769EAD14263EF7CC96B7A22B0AF32469 5519128 ----a-w- C:\Program Files\Speccy\Speccy.exe 2015-03-11 09:22:15 FB95F6E11AAD62F24C2DB01E6E9D7BE7 64000 ----a-w- C:\Windows\System32\auditpol.exe 2015-03-11 09:22:15 B6C7729936AAF8E0697F0A7DCA82CED8 31232 ----a-w- C:\Windows\System32\lsass.exe 2015-03-11 09:22:15 5E76C26CAE2810EA71C161ED9A2CF0D1 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-03-11 09:22:08 2CA6A98547E799812489E5ADF2774D97 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2015-03-11 09:22:06 B5F3C8A860C39AEC1356A708C2A701A1 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2015-03-11 09:22:06 7FA2B43D940DF41E46B8049B59AB6639 718848 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-03-11 09:22:03 E931C01E7DD7CEC0BD26CD1B9DA967A3 815272 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2015-03-11 09:22:03 9C7990C221DC5C283BFF5A05CF52D69B 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2015-03-11 09:22:03 5CC34CBBBD90696FD82DB670C38B13FD 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2015-03-11 09:22:02 988AB676FBF4484508BA134CAAB711EB 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 09:22:02 132862B0FC4A1B7CB45C274DE169DBB2 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2015-03-11 09:22:00 EF3BE302619A2C85A1E33FBFAB4C60F8 484864 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2015-03-11 09:22:00 D3D00B950A174882DAC32F45AB589864 813736 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2015-03-11 09:21:59 1EC0BF321D3B14D02B9A8BAC134570F4 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-03-11 09:21:44 FDA5F186596288F0B9ECE9DC7A5AA868 5554104 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-03-11 09:21:40 6C2D4DC5D2E271F4AE4016FD4587B0B2 3973048 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-11 09:21:40 6B4BE7F9923F727C0298E9CB0FB2A406 497080 ----a-w- C:\Windows\Boot\PCAT\memtest.exe 2015-03-11 09:21:40 2CFE69A0A8AFDA8DB9A773D728000BB7 3917760 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-11 09:21:39 73D81B5B4B2655CB1B5662E770F755D5 532176 ----a-w- C:\Windows\System32\winresume.exe 2015-03-11 09:21:39 73D81B5B4B2655CB1B5662E770F755D5 532176 ----a-w- C:\Windows\System32\Boot\winresume.exe 2015-03-11 09:21:36 7A4064169FBA91F39DB1FDC094A18DA8 619056 ----a-w- C:\Windows\System32\winload.exe 2015-03-11 09:21:36 7A4064169FBA91F39DB1FDC094A18DA8 619056 ----a-w- C:\Windows\System32\Boot\winload.exe 2015-03-11 09:21:35 93C7D1C3941086162B433107D9E8BCE3 296960 ----a-w- C:\Windows\System32\rstrui.exe 2015-03-11 09:21:35 6E974F1C384615DEB0710E44F4847351 126464 ----a-w- C:\Windows\System32\audiodg.exe 2015-03-11 09:21:33 CBE684883A45E5B047DA6B4AC46C2112 55808 ----a-w- C:\Windows\System32\rrinstaller.exe 2015-03-11 09:21:32 A84C94CF795E08BBB99E4E145F9E81A3 11264 ----a-w- C:\Windows\System32\pcawrk.exe 2015-03-11 09:21:32 63D3C30B497347495B8EA78A38188969 112640 ----a-w- C:\Windows\System32\smss.exe 2015-03-11 09:21:32 589852B65C91F574E980ABDB8205080A 146944 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2015-03-11 09:21:32 08FF727297A97907AADED4BA86CF44E9 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2015-03-11 09:21:31 ED6BF1E1C4F40F600DFEC0CB101A1789 9728 ----a-w- C:\Windows\System32\pcalua.exe 2015-03-11 09:21:31 49F4EE8DF752CFA159B99046CD1FDD2B 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 09:21:31 00EE5D3E16D42F25F7813ACFA10EC803 24576 ----a-w- C:\Windows\System32\mfpmp.exe 2015-03-11 09:21:30 D1D03ED0A40B9EA7D45CD09E585415ED 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2015-03-11 09:21:30 3CB513A4E2D3666282725B09FF66D2B1 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2015-03-11 09:21:29 EA285B947EE48103697CDA53D76C9EEC 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2015-03-11 09:21:27 FEB8566E798B2F6BA40AC39C90E354B3 102400 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe 2015-03-11 09:21:27 733F15A545DCB45295EEB1E409F2D63A 102912 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe 2015-03-11 09:21:24 E357783E1561251E25513247B534D423 102400 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpshare.exe 2015-03-11 09:21:21 201283E93160A0EBBA8CC9F3F2388FDA 101888 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpconfig.exe 2015-03-10 10:06:42 1AD0D43B85A600A3F6B554B8904612F3 580135 ----a-w- C:\Program Files\BatteryBar\Uninstall.exe 2015-03-10 10:05:27 79A196BD7BBC377A65EA7CBB75FB92ED 1318648 ----a-w- C:\Users\Guy\Downloads\BatteryBarSetup-3.6.6.exe 2015-03-07 13:54:10 0C9B2DD31C94921C64C12B7BAD136CF4 268160 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe 2015-03-07 13:53:58 ED70821F65B120FDBD76FCFF746FE219 335232 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 2015-03-07 13:53:46 5588A018C772DBD69FDE3DE255D2A328 1058176 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe === C: other files == 2015-03-13 08:39:16 9DCBFF045A2A43212A4763C3461A50B9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip 2015-03-11 09:22:16 8BA90F480705D7153AD0060CCA62222A 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2015-03-11 09:22:16 56ED3EE5FED6BF2FC1305CF872042868 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2015-03-11 09:22:16 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\System32\drivers\cng.sys 2015-03-11 09:22:10 A0DEE06D68F210CA090FD4D9A33CDC12 3204096 ----a-w- C:\Windows\System32\win32k.sys 2015-03-11 09:21:41 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\System32\drivers\PEAuth.sys 2015-03-11 09:21:38 87BCD1034CBF33537D4D4C251D39BA26 94656 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2015-03-11 09:21:35 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\System32\drivers\appid.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1001\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "ShowBatteryBar"="C:\Program Files\BatteryBar\ShowBatteryBar.exe show" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "ShowBatteryBar"="C:\Program Files\BatteryBar\ShowBatteryBar.exe show" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Spotify Web Helper"="\"C:\\Users\\Guy\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" "swg"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" "6F4CEC92313F9EB14C7A270E0DA24CD485F9E5AD._service_run"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --type=service" "GoogleDriveSync"="\"C:\\Program Files (x86)\\Google\\Drive\\googledrivesync.exe\" /autostart" "Google Update"="\"C:\\Users\\Guy\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "APSDaemon"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "ASUSWebStorage"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.143.296\\AsusWSPanel.exe /S" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\6F4CEC92313F9EB14C7A270E0DA24CD485F9E5AD._service_run] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="6F4CEC92313F9EB14C7A270E0DA24CD485F9E5AD._service_run" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --type=service" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AmIcoSinglun64" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ApplePhotoStreams" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSPRP] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ASUSPRP" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\ASUS\\APRP\\APRP.EXE\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ASUSWebStorage" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.108.222\\AsusWSPanel.exe /S" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKMEDIA] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ATKMEDIA" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATK Media\\DMedia.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKOSD2] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ATKOSD2" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATKOSD2\\ATKOSD2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonQuickMenu] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonQuickMenu" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\emsisoft anti-malware] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="emsisoft anti-malware" "hkey"="HKLM" "command"="\"c:\\program files (x86)\\emsisoft anti-malware\\a2guard.exe\" /d=60" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDCtrl] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ETDCtrl" "hkey"="HKLM" "command"="%ProgramFiles%\\Elantech\\ETDCtrl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleDriveSync" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\Drive\\googledrivesync.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GUDelayStartup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GUDelayStartup" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Glary Utilities 5\\StartupManager.exe\" -delayrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GUSDelayStartup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GUSDelayStartup" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Glarysoft\\Quick Startup\\StartupManager.exe\" -delayrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HControlUser] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HControlUser" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATK Hotkey\\HControlUser.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iCloudServices" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM] "command"="C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe -scheduler" "hkey"="HKCU" "item"="ISUSPM" "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightShot] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LightShot" "hkey"="HKCU" "command"="C:\\Users\\Guy\\AppData\\Local\\Skillbrains\\lightshot\\Lightshot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl10" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Cyberlink\\PowerDVD10\\PDVD10Serv.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RtHDVBg" "hkey"="HKLM" "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /SF3 " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SDTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SonicMasterTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SonicMasterTray" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\SonicMaster\\SonicMasterTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Guy\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Guy\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\tomtom\\\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdatePSTShortCut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdatePSTShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Cyberlink\\DVD Suite\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\Cyberlink\\DVD Suite\" UpdateWithCreateOnce \"Software\\CyberLink\\PowerStarter\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VAWinAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VAWinAgent" "hkey"="HKLM" "command"="C:\\ExpressGateUtil\\VAWinAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk] "item"="AsusVibeLauncher" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AsusVibeLauncher.lnk" "backup"="C:\\Windows\\pss\\AsusVibeLauncher.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\ASUS\\AsusVibe\\ASUSVI~2.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\FancyStart daemon.lnk" "backup"="C:\\Windows\\pss\\FancyStart daemon.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Windows\\Installer\\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\\_77B5857C27147149171BE7.exe -d" "item"="FancyStart daemon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Guy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "item"="Dropbox" "path"="C:\\Users\\Guy\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Guy\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "IntelTBRunOnce"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\"" "HotKeysCmds"="C:\\Windows\\system32\\hkcmd.exe" "Persistence"="C:\\Windows\\system32\\igfxpers.exe" "IgfxTray"="C:\\Windows\\system32\\igfxtray.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/02/2015 17:25] C:\Windows\tasks\GlaryInitialize 5.job --a------ C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [12/02/2015 09:03] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/10/2014 15:55] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/10/2014 15:55] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2165435700-71866061-3969913833-1001Core.job --a------ C:\Users\Guy\AppData\Local\Google\Update\GoogleUpdate.exe [06/02/2015 16:38] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2165435700-71866061-3969913833-1001UA.job --a------ C:\Users\Guy\AppData\Local\Google\Update\GoogleUpdate.exe [06/02/2015 16:38] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS Patch 10430001" [C:\Windows\AsPatch10430001.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"] "C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Guy)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\GlaryInitialize 5" [C:\Program Files (x86)\Glary Utilities 5\Initialize.exe] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Guy\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2165435700-71866061-3969913833-1001Core" [C:\Users\Guy\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2165435700-71866061-3969913833-1001UA" [C:\Users\Guy\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GU5SkipUAC" [C:\Program Files (x86)\Glary Utilities 5\Integrator.exe] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe] "C:\Windows\SysNative\tasks\{1EA4F355-653D-4D2B-A6F3-05487C488BC9}" [C:\Program Files (x86)\iTunes\iTunes.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Guy\AppData\Roaming\Mozilla\Firefox\Profiles\36q4e1br.default-1367777822496 user_pref("browser.startup.homepage", "http://deredactie.be/cm/vrtnieuws"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Guy\AppData\Roaming\Mozilla\Firefox\Profiles\36q4e1br.default-1367777822496 - Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@firefox.mozilla.org.xpi - YouTube to MP3 - %ProfilePath%\extensions\youtube2mp3@mondayx.de.xpi - PrintPrint Preview - %ProfilePath%\extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}.xpi ProfilePath: C:\Users\Guy\AppData\Roaming\Thunderbird\Profiles\u5819eqj.default - Woordenboek Nederlands - %ProfilePath%\extensions\nl-NL@dictionaries.addons.mozilla.org ProfilePath: C:\Users\Guy\AppData\Roaming\TomTom\HOME\Profiles\ovc1j5wf.default - Map status indicator - C:\tomtom\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\tomtom\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Guy\AppData\Roaming\Mozilla\Firefox\Profiles\36q4e1br.default-1367777822496 9419AA8A2799526EC32B473C2BB7A10D - c:\Picasa\Picasa3\npPicasa3.dll - Picasa 95812430959AE88CDD0301AB3A71913B - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash 960A9681F9F36A73BAB22C0421E42BE3 - C:\Users\Guy\AppData\Local\Box Edit\npBoxEdit.dll - Box Edit 98137411B9C632095F919E2CE70B288A - C:\Users\Guy\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Possible outdated, latest Stable version: 41.0.2272.89) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[24/11/2014 16:15] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\Guy\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[07/09/2014 15:55] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Slides - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Voice Search Hotword (Beta) - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn YouTube - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Cast - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Videostream for Google Chromecastâ„¢ - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl Google Search - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Avast Online Security - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Bananatag - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpbnpbfpgjkblmejlgkfkekajajhjcid Google Drive App Launcher - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Google Wallet - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fastboot.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teamviewer.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tomtomhome.exe deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightShot deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: 127.0.0.2 www.onhax.net O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Emsisoft Protection Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Guy\AppData\Local\Mozilla\Firefox\Profiles\36q4e1br.default-1367777822496\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Guy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=77 folders=27 4527460 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Guy\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Guy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on za 14/03/2015 at 14:21:24,56 ======================