Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Alain on do 16/07/2015 at 10:00:15,06.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alain\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-07-16-075048.log	30513 bytes

==== Running Processes ======================

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
E:\Prey\wpxsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\system32\hasplms.exe
E:\Prey\current\bin\node.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
E:\Medin NAS TOOL\MEDION NAS TOOL\MEDION NAS TOOL.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
E:\Netlimiter PRO\nlsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\NS.exe
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
E:\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\NS.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\mobsync.exe
E:\Prey\versions\1.3.9\node_modules\triggers\bin\lightevt.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
C:\Users\Alain\Downloads\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe

==== Windows Installer Info ======================

Adobe Acrobat XI Pro [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA3301FFFF7706000000000060]C:\Windows\Installer\4cfd3f.msi
Adobe Bridge 1.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\01E4D47B488600000000000000001010]C:\Windows\Installer\3e44f.msi
Adobe Common File Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D47ABDE8686099C4FBDD8F4976E81520]C:\Windows\Installer\3e459.msi
Adobe Help Center 1.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8767879ED15587446928BD5B78521701]C:\Windows\Installer\3e463.msi
Adobe Photoshop CS2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4C7BB6329144DF244031E152A7523ED4]C:\Windows\Installer\3e46e.msi
Adobe Photoshop Lightroom 5.7 64-bit [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E20B77B14E71D6B48B1A472BA93F8DDD]C:\Windows\Installer\6ba1e.msi
Adobe Stock Photos 1.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7475C6877341D3440BE6970AF04E1501]C:\Windows\Installer\3e478.msi
Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\86DFAEADA4BB70542A148C08D4E26AD6]C:\Windows\Installer\3625b.msi
Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F65865963B6B0EB4ABB0F894B53E0233]C:\Windows\Installer\36265.msi
Asmedia ASM106x SATA Host Controller Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5FE249168DC24D7468C9E2A9B80B581F]C:\Windows\Installer\ff69.msi
AVG PC TuneUp 2015 (nl-NL) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9A585032433DDA640A09E953134A1050]C:\Windows\Installer\86fbb.msi
AVG PC TuneUp 2015 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\281C699A42731FD44ACB6651F45ED7EF]C:\Windows\Installer\86fbf.msi
Belgium e-ID middleware 4.1.3 (build 1554) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AEA249BD6D394EF4882681D0537A5145]C:\Windows\Installer\37081.msi
Content Management Utility [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E402BAB52BAAFD54C9604437688529FD]C:\Windows\Installer\2fb5da.msi
DHTML Editing Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AF078AE2F585781409D3BCF9DF122E0E]C:\Windows\Installer\3e1b69.msi
EOSInfo  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A9FF32CCC989BED49807056E4E683251]C:\Windows\Installer\d03f9.msi
Firebird SQL Server - MAGIX Edition [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5426BE430D8CA8D48B8DEEFB7F9A4158]C:\Windows\Installer\99f9ef.msi
Google Earth [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AF057718A6CED58499106038EAF6DF1F]C:\Windows\Installer\156b87.msi
Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\Windows\Installer\77bdd.msi
High-Definition Video Playback [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26BCC73245483E341B85A3DC104358E2]C:\Windows\Installer\3ba9b.msi
Java 7 Update 79 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF230120797FF]C:\Windows\Installer\fdcc25.msi
Java 8 Update 45 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208540F]C:\Windows\Installer\3facc8.msi
LightScribe System Software [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1B92FE2806B924141A55509912D60D35]C:\Windows\Installer\5b3a75.msi
MAGIX Online Print Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D64DDC3CD0EB1044EBCB5F9D5940D99F]C:\Windows\Installer\99fa0e.msi
MAGIX Photo Manager 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\810CD4B0AB2448346817382FFA26F33C]C:\Windows\Installer\99fa23.msi
MAGIX PhotoStory on CD & DVD 10 Deluxe Download Version [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5F4CCFF80DE64184C8F8487D4F58D78C]C:\Windows\Installer\99fa36.msi
MAGIX Screenshare [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1CA02166A4B24DB4D8C3B73CF05D5A4C]C:\Windows\Installer\99fa04.msi
MAGIX Speed burnR (MSI) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\89BF990473AFE4B4C91893EEB0C3ED58]C:\Windows\Installer\99f9fa.msi
Microsoft .NET Framework 4.5.2 (NLD) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8AF4F1DAFA56CAE32AA7BB802E86B62E]C:\Windows\Installer\4cf1fb.msi
Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6414876250E69FF3395387C6C7F05BEB]C:\Windows\Installer\2fb3ca.msi
Microsoft Office Access MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109510031400000000000F01FEC]C:\Windows\Installer\43334.msi
Microsoft Office Excel MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109610031400000000000F01FEC]C:\Windows\Installer\432b9.msi
Microsoft Office InfoPath MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109440031400000000000F01FEC]C:\Windows\Installer\432d7.msi
Microsoft Office Office 64-bit Components 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A20000000100000000F01FEC]C:\Windows\Installer\4333e.msi
Microsoft Office Outlook MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10031400000000000F01FEC]C:\Windows\Installer\432c4.msi
Microsoft Office PowerPoint MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109810031400000000000F01FEC]C:\Windows\Installer\432ce.msi
Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109110000000000000000F01FEC]C:\Windows\Installer\43828.msi
Microsoft Office Proof (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10031400000000000F01FEC]C:\Windows\Installer\432ef.msi
Microsoft Office Proof (English) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10090400000000000F01FEC]C:\Windows\Installer\4330d.msi
Microsoft Office Proof (French) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F100C0400000000000F01FEC]C:\Windows\Installer\43302.msi
Microsoft Office Proof (German) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10070400000000000F01FEC]C:\Windows\Installer\432f8.msi
Microsoft Office Proofing (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109C20031400000000000F01FEC]C:\Windows\Installer\43316.msi
Microsoft Office Publisher MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109910031400000000000F01FEC]C:\Windows\Installer\43320.msi
Microsoft Office Shared 64-bit MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A20031400100000000F01FEC]C:\Windows\Installer\432e0.msi
Microsoft Office Shared MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109E60031400000000000F01FEC]C:\Windows\Installer\432ad.msi
Microsoft Office Word MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109B10031400000000000F01FEC]C:\Windows\Installer\4332a.msi
Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]C:\Windows\Installer\29a9de.msi
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\Windows\Installer\18cd7f.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\Windows\Installer\5b3a6b.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]C:\Windows\Installer\69ee5.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\17f43e.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7F20769A8CFEDEE3EB64228C904DBE5E]C:\Windows\Installer\36282.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]C:\Windows\Installer\5f045.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]C:\Windows\Installer\17f454.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]C:\Windows\Installer\7e22f6.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F9E66FF7E38E3A3FA41D89E8A906A4A]C:\Windows\Installer\693186.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A4DE204B5F8A783688899A7FB858B2F]C:\Windows\Installer\36251.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\99f9e4.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\17f449.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\7e2300.msi
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]C:\Windows\Installer\17f45e.msi
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\16d70a.msi
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C9F8B73BF303523781852719CD9C700]C:\Windows\Installer\2cd50b.msi
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3AEB2FCAE628F23AAB933F1E743AB79]C:\Windows\Installer\2cd502.msi
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C025571B2A687A53689168CD7369889B]C:\Windows\Installer\2cd51d.msi
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC8A59DBF9D1DA5389A1E3975220E6BB]C:\Windows\Installer\2cd514.msi
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\62DBF9290209B993A9A757D1160F9B24]C:\Windows\Installer\212e54.msi
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8D947A316B3EB3F8F540C548BE2AB9]C:\Windows\Installer\212e4a.msi
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\22BEFC8F7E2A1793E9ADB411DEFE1C58]C:\Windows\Installer\28421a0.msi
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21EE4A31AE32173319EEFE3BD6FDFFE3]C:\Windows\Installer\2842197.msi
Microsoft_VC80_CRT_x86  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\91785D291CBB3CC40AB8659C8E48CCC2]C:\Windows\Installer\999b9.msi
Microsoft_VC90_CRT_x86  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\121E2D80A6F7BE3479DF26B944094330]C:\Windows\Installer\999c4.msi
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]C:\Windows\Installer\7ad46f.msi
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]C:\Windows\Installer\7ad491.msi
Nero 10 ClipartPack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\87B4DE69E0033304EAC61C51EC4BFD70]C:\Windows\Installer\3bba5.msi
Nero 10 Menu TemplatePack 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FD7B8C240BEF15D41B9605B6B6CE7579]C:\Windows\Installer\3bbb1.msi
Nero 10 Menu TemplatePack 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\372C217E4657E8C4AA95F01AB93C1571]C:\Windows\Installer\3bbbd.msi
Nero 10 Menu TemplatePack 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9146412944EAB8C44AB8A0BBB1E50C62]C:\Windows\Installer\3bbc9.msi
Nero 10 Menu TemplatePack Basic [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BAE3AA36BB322B84A90D448F87706540]C:\Windows\Installer\3baa7.msi
Nero 10 Movie ThemePack 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64BABF34969500249985F18FF1EE05F6]C:\Windows\Installer\3bbd5.msi
Nero 10 Movie ThemePack 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\40491F07C69BBBE4DAB253478F371679]C:\Windows\Installer\3bbe1.msi
Nero 10 Movie ThemePack 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\246832DD7C4145D4B87DAF6DED9A99B9]C:\Windows\Installer\3bad7.msi
Nero 10 Movie ThemePack 4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B7C0B07A725335D46A499E94E2ECE91E]C:\Windows\Installer\3bae3.msi
Nero 10 Movie ThemePack Basic [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F228BC5F563B1D34CB0CF4ADA102717A]C:\Windows\Installer\3bab3.msi
Nero 10 PiP EffectPack 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EAD4A3FEF61F1CA478BBEF007A4880F4]C:\Windows\Installer\3baef.msi
Nero 10 Sample ImagePack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FDF51DCA24CF57144B7775F629FF2265]C:\Windows\Installer\3babf.msi
Nero 10 Sample Videos [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D9E01A2900AE64A4F822EE6A0699D216]C:\Windows\Installer\3bbed.msi
Nero 10 Video TransitionPack 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F8CEB583AA9FF345BB628677217733B]C:\Windows\Installer\3bafb.msi
Nero BackItUp 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0396BA86FFB56FF429B315A61989F46E]C:\Windows\Installer\3bb13.msi
Nero BackItUp 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6668C80205C3BA44BBC7DA44CD241EF]C:\Windows\Installer\3bbf9.msi
Nero Burning ROM 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D137D5A73B4BE0943B9357867521ABBA]C:\Windows\Installer\3bacb.msi
Nero BurningROM 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB42B6B97E084C64F95A1B765D0E3F54]C:\Windows\Installer\3bc05.msi
Nero BurnRights 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7DFC3496335FA7449810E42375A5A71]C:\Windows\Installer\3bb07.msi
Nero BurnRights 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6C868555BF94F484BB34980856A1B100]C:\Windows\Installer\3bc1d.msi
Nero Control Center 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F998BFD62A710F845A33DED88666FC83]C:\Windows\Installer\3ba77.msi
Nero ControlCenter 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B1B2B325BD8D14B409FF4C7D992E57A8]C:\Windows\Installer\3bc11.msi
Nero Core Components 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A2F6342E7B4C6B4EAE406C448AAA6F4]C:\Windows\Installer\3ba83.msi
Nero CoverDesigner 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E6A00FCF85BFA774BA9E329270015512]C:\Windows\Installer\3bb1f.msi
Nero CoverDesigner 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\55C3723C4E1EFF14D896108590D08B8D]C:\Windows\Installer\3bc29.msi
Nero DiscSpeed 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E4F094430D84E29428944BB8CE0F35C7]C:\Windows\Installer\3bb2b.msi
Nero DiscSpeed 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8140A81CA2446814FA890DF805452ACF]C:\Windows\Installer\3bc35.msi
Nero Dolby Files 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4CA0853C728C23349B53A982E25DBB79]C:\Windows\Installer\3ba8f.msi
Nero Express 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3910550722C1C544F84A65E451D51B7A]C:\Windows\Installer\3bb37.msi
Nero Express 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8193463375979384297CAE69BC26A189]C:\Windows\Installer\3bc41.msi
Nero InfoTool 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA4B214FC8835FF4B9F233BDC1359635]C:\Windows\Installer\3bb43.msi
Nero InfoTool 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\531940669569DAA41996C9AC62E9BBE3]C:\Windows\Installer\3bc4d.msi
Nero MediaHub 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F86BF7F16F253A644BF283EC6492A55E]C:\Windows\Installer\3bb50.msi
Nero MediaHub 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A268764FAC9DDE74D8184B3B9C932927]C:\Windows\Installer\3bc59.msi
Nero Multimedia Suite 10 Platinum HD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9551C7727FC4FF44D87089AAC931AADB]C:\Windows\Installer\3ba6c.msi
Nero Recode 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\358CECE8D3C501B45B7CFF11FF278470]C:\Windows\Installer\3bb68.msi
Nero Recode 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A4D1C7BDAB80E7C48AAA7B9FBB73D2FC]C:\Windows\Installer\3bc65.msi
Nero RescueAgent 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\787E733E16FCB7B48BF40529205A0432]C:\Windows\Installer\3bb5c.msi
Nero RescueAgent 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\83252E293A16DCA44A70C384E0FE747A]C:\Windows\Installer\3bc71.msi
Nero SoundTrax 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9335EE1E23D5F854ABBA1BF93610CB2E]C:\Windows\Installer\3bb80.msi
Nero SoundTrax 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\99E78961C59C31542993B7440A7AD15B]C:\Windows\Installer\3bc7d.msi
Nero StartSmart 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E984D16F44C6CA94DA20D78ACA7AA356]C:\Windows\Installer\3bb98.msi
Nero StartSmart 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C9F7116F5BDA0954B94E217CEB2C7820]C:\Windows\Installer\3bc89.msi
Nero Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7040BB568CC47CD459E2E3FEFD5006A2]C:\Windows\Installer\3bcf9.msi
Nero Vision 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3F7924A915A29DE429ACB4BC380849E7]C:\Windows\Installer\3bb74.msi
Nero Vision 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0A1149233F91047478F47104B021F672]C:\Windows\Installer\3bc95.msi
Nero WaveEditor 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5DAFDCDE08FD00644A399EAD6D182003]C:\Windows\Installer\3bb8c.msi
Nero WaveEditor 10 Help (CHM) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F8D592A7B484BFF498BA1CDF945719EF]C:\Windows\Installer\3bca1.msi
NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\063A3F4B2E1ED974DA7EB93E0BF75493]C:\Windows\Installer\9ff6c.msi
Paint Shop Pro 7 ESD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C20ED6D74F14D1159510001A54E8BA9]C:\Windows\Installer\212e5d.msi
PDF Settings CS6 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\77EAAEFBF7DB43542B68C9C54B96E71B]C:\Windows\Installer\999ff.msi
Prey Anti-Theft [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A0EC831899B7004D94311B69D5D1530]C:\Windows\Installer\a90ae1.msi
QuickTime  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7414007EACC2C134AA50A21B669B87D5]C:\Windows\Installer\3626f.msi
Samsung Kies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1038C85769625584FA5435B4210089A0]C:\Windows\Installer\530562.msi
Snagit 11 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FD4C5AC772385304EAB2AC6733A640DF]C:\Windows\Installer\212e59.msi
Suite Specific [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C9AAD94C8AB5A95428445EB796FDF040]C:\Windows\Installer\3e482.msi
Turbo Lister 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C70E72987F7945A488BF9D675FD04DE6]C:\Windows\Installer\3e1b60.msi
VC80CRTRedist - 8.0.50727.6195 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5104B339816461748A822598CF3061F5]C:\Windows\Installer\6b4a6.msi

==== Checking Systemdrive for Symlinks ======================

 Het volume in station C heeft geen naam.
 Het volumenummer is BAE8-F8B7

 Map van C:\

14/07/2009  07:08    <KOPPELING>    Documents and Settings [C:\Users]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings

14/07/2009  07:08    <SYMLINKD>     All Users [C:\ProgramData]
14/07/2009  07:08    <KOPPELING>    Default User [C:\Users\Default]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Alain

22/02/2015  11:37    <KOPPELING>    Recent [C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Recent]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Alain\AppData\Local

22/02/2015  11:37    <KOPPELING>    Application Data [C:\Users\Alain\AppData\Local]
22/02/2015  11:37    <KOPPELING>    Geschiedenis [C:\Users\Alain\AppData\Local\Microsoft\Windows\History]
22/02/2015  11:37    <KOPPELING>    Temporary Internet Files [C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Alain\AppData\Roaming\Microsoft\Windows\Start Menu

22/02/2015  11:37    <KOPPELING>    Programma's [C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Alain\Documents

22/02/2015  11:37    <KOPPELING>    Mijn afbeeldingen [C:\Users\Alain\Pictures]
22/02/2015  11:37    <KOPPELING>    Mijn muziek [C:\Users\Alain\Music]
22/02/2015  11:37    <KOPPELING>    Mijn video's [C:\Users\Alain\Videos]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\All Users

14/07/2009  07:08    <KOPPELING>    Application Data [C:\ProgramData]
22/02/2015  11:37    <KOPPELING>    Bureaublad [C:\Users\Public\Desktop]
14/07/2009  07:08    <KOPPELING>    Desktop [C:\Users\Public\Desktop]
22/02/2015  11:37    <KOPPELING>    Documenten [C:\Users\Public\Documents]
14/07/2009  07:08    <KOPPELING>    Documents [C:\Users\Public\Documents]
22/02/2015  11:37    <KOPPELING>    Favorieten [C:\Users\Public\Favorites]
14/07/2009  07:08    <KOPPELING>    Favorites [C:\Users\Public\Favorites]
22/02/2015  11:37    <KOPPELING>    Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
22/02/2015  11:37    <KOPPELING>    Sjablonen [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009  07:08    <KOPPELING>    Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009  07:08    <KOPPELING>    Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\All Users\Microsoft\Windows\Start Menu

22/02/2015  11:37    <KOPPELING>    Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\All Users\Oracle\Java\javapath

10/07/2015  14:40    <SYMLINK>      java.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe]
10/07/2015  14:40    <SYMLINK>      javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe]
10/07/2015  14:40    <SYMLINK>      javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe]
               3 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Default

14/07/2009  07:08    <KOPPELING>    Application Data [C:\Users\Default\AppData\Roaming]
14/07/2009  07:08    <KOPPELING>    Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14/07/2009  07:08    <KOPPELING>    Local Settings [C:\Users\Default\AppData\Local]
22/02/2015  11:37    <KOPPELING>    Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
22/02/2015  11:37    <KOPPELING>    Mijn documenten [C:\Users\Default\Documents]
14/07/2009  07:08    <KOPPELING>    My Documents [C:\Users\Default\Documents]
14/07/2009  07:08    <KOPPELING>    NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
22/02/2015  11:37    <KOPPELING>    Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009  07:08    <KOPPELING>    PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009  07:08    <KOPPELING>    Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14/07/2009  07:08    <KOPPELING>    SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
22/02/2015  11:37    <KOPPELING>    Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
14/07/2009  07:08    <KOPPELING>    Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009  07:08    <KOPPELING>    Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Default\AppData\Local

14/07/2009  07:08    <KOPPELING>    Application Data [C:\Users\Default\AppData\Local]
22/02/2015  11:37    <KOPPELING>    Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009  07:08    <KOPPELING>    History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009  07:08    <KOPPELING>    Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Default\AppData\Roaming\Microsoft\Windows\Start Menu

22/02/2015  11:37    <KOPPELING>    Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Default\Documents

22/02/2015  11:37    <KOPPELING>    Mijn afbeeldingen [C:\Users\Default\Pictures]
22/02/2015  11:37    <KOPPELING>    Mijn muziek [C:\Users\Default\Music]
22/02/2015  11:37    <KOPPELING>    Mijn video's [C:\Users\Default\Videos]
14/07/2009  07:08    <KOPPELING>    My Music [C:\Users\Default\Music]
14/07/2009  07:08    <KOPPELING>    My Pictures [C:\Users\Default\Pictures]
14/07/2009  07:08    <KOPPELING>    My Videos [C:\Users\Default\Videos]
               0 bestand(en)                0 bytes

 Map van C:\Documents and Settings\Public\Documents

22/02/2015  11:37    <KOPPELING>    Mijn afbeeldingen [C:\Users\Public\Pictures]
               0 bestand(en)                0 bytes

 Map van C:\Program Files\Windows NT

22/02/2015  11:37    <KOPPELING>    Bureau-accessoires [C:\Program Files\Windows NT\Accessories]
               0 bestand(en)                0 bytes

 Map van C:\ProgramData

14/07/2009  07:08    <KOPPELING>    Application Data [C:\ProgramData]
22/02/2015  11:37    <KOPPELING>    Bureaublad [C:\Users\Public\Desktop]
14/07/2009  07:08    <KOPPELING>    Desktop [C:\Users\Public\Desktop]
22/02/2015  11:37    <KOPPELING>    Documenten [C:\Users\Public\Documents]
14/07/2009  07:08    <KOPPELING>    Documents [C:\Users\Public\Documents]
22/02/2015  11:37    <KOPPELING>    Favorieten [C:\Users\Public\Favorites]
14/07/2009  07:08    <KOPPELING>    Favorites [C:\Users\Public\Favorites]
22/02/2015  11:37    <KOPPELING>    Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
22/02/2015  11:37    <KOPPELING>    Sjablonen [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009  07:08    <KOPPELING>    Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009  07:08    <KOPPELING>    Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes

 Map van C:\ProgramData\Microsoft\Windows\Start Menu

22/02/2015  11:37    <KOPPELING>    Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
               0 bestand(en)                0 bytes

 Map van C:\ProgramData\Oracle\Java\javapath

10/07/2015  14:40    <SYMLINK>      java.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe]
10/07/2015  14:40    <SYMLINK>      javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe]
10/07/2015  14:40    <SYMLINK>      javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe]
               3 bestand(en)                0 bytes

 Map van C:\Users

14/07/2009  07:08    <SYMLINKD>     All Users [C:\ProgramData]
14/07/2009  07:08    <KOPPELING>    Default User [C:\Users\Default]
               0 bestand(en)                0 bytes

 Map van C:\Users\Alain

22/02/2015  11:37    <KOPPELING>    Recent [C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Recent]
               0 bestand(en)                0 bytes

 Map van C:\Users\Alain\AppData\Local

22/02/2015  11:37    <KOPPELING>    Application Data [C:\Users\Alain\AppData\Local]
22/02/2015  11:37    <KOPPELING>    Geschiedenis [C:\Users\Alain\AppData\Local\Microsoft\Windows\History]
22/02/2015  11:37    <KOPPELING>    Temporary Internet Files [C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 bestand(en)                0 bytes

 Map van C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu

22/02/2015  11:37    <KOPPELING>    Programma's [C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 bestand(en)                0 bytes

 Map van C:\Users\Alain\Documents

22/02/2015  11:37    <KOPPELING>    Mijn afbeeldingen [C:\Users\Alain\Pictures]
22/02/2015  11:37    <KOPPELING>    Mijn muziek [C:\Users\Alain\Music]
22/02/2015  11:37    <KOPPELING>    Mijn video's [C:\Users\Alain\Videos]
               0 bestand(en)                0 bytes

 Map van C:\Users\All Users

14/07/2009  07:08    <KOPPELING>    Application Data [C:\ProgramData]
22/02/2015  11:37    <KOPPELING>    Bureaublad [C:\Users\Public\Desktop]
14/07/2009  07:08    <KOPPELING>    Desktop [C:\Users\Public\Desktop]
22/02/2015  11:37    <KOPPELING>    Documenten [C:\Users\Public\Documents]
14/07/2009  07:08    <KOPPELING>    Documents [C:\Users\Public\Documents]
22/02/2015  11:37    <KOPPELING>    Favorieten [C:\Users\Public\Favorites]
14/07/2009  07:08    <KOPPELING>    Favorites [C:\Users\Public\Favorites]
22/02/2015  11:37    <KOPPELING>    Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu]
22/02/2015  11:37    <KOPPELING>    Sjablonen [C:\ProgramData\Microsoft\Windows\Templates]
14/07/2009  07:08    <KOPPELING>    Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009  07:08    <KOPPELING>    Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes

 Map van C:\Users\All Users\Microsoft\Windows\Start Menu

22/02/2015  11:37    <KOPPELING>    Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
               0 bestand(en)                0 bytes

 Map van C:\Users\All Users\Oracle\Java\javapath

10/07/2015  14:40    <SYMLINK>      java.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe]
10/07/2015  14:40    <SYMLINK>      javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe]
10/07/2015  14:40    <SYMLINK>      javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe]
               3 bestand(en)                0 bytes

 Map van C:\Users\Default

14/07/2009  07:08    <KOPPELING>    Application Data [C:\Users\Default\AppData\Roaming]
14/07/2009  07:08    <KOPPELING>    Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
14/07/2009  07:08    <KOPPELING>    Local Settings [C:\Users\Default\AppData\Local]
22/02/2015  11:37    <KOPPELING>    Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
22/02/2015  11:37    <KOPPELING>    Mijn documenten [C:\Users\Default\Documents]
14/07/2009  07:08    <KOPPELING>    My Documents [C:\Users\Default\Documents]
14/07/2009  07:08    <KOPPELING>    NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
22/02/2015  11:37    <KOPPELING>    Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009  07:08    <KOPPELING>    PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009  07:08    <KOPPELING>    Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14/07/2009  07:08    <KOPPELING>    SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
22/02/2015  11:37    <KOPPELING>    Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
14/07/2009  07:08    <KOPPELING>    Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009  07:08    <KOPPELING>    Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 bestand(en)                0 bytes

 Map van C:\Users\Default\AppData\Local

14/07/2009  07:08    <KOPPELING>    Application Data [C:\Users\Default\AppData\Local]
22/02/2015  11:37    <KOPPELING>    Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009  07:08    <KOPPELING>    History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009  07:08    <KOPPELING>    Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 bestand(en)                0 bytes

 Map van C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu

22/02/2015  11:37    <KOPPELING>    Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 bestand(en)                0 bytes

 Map van C:\Users\Default\Documents

22/02/2015  11:37    <KOPPELING>    Mijn afbeeldingen [C:\Users\Default\Pictures]
22/02/2015  11:37    <KOPPELING>    Mijn muziek [C:\Users\Default\Music]
22/02/2015  11:37    <KOPPELING>    Mijn video's [C:\Users\Default\Videos]
14/07/2009  07:08    <KOPPELING>    My Music [C:\Users\Default\Music]
14/07/2009  07:08    <KOPPELING>    My Pictures [C:\Users\Default\Pictures]
14/07/2009  07:08    <KOPPELING>    My Videos [C:\Users\Default\Videos]
               0 bestand(en)                0 bytes

 Map van C:\Users\Public\Documents

22/02/2015  11:37    <KOPPELING>    Mijn afbeeldingen [C:\Users\Public\Pictures]
               0 bestand(en)                0 bytes

     Totaal aantal weergegeven bestanden:
               9 bestand(en)                0 bytes
             110 map(pen)  41.274.707.968 bytes beschikbaar


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Adobe Acrobat XI Pro  
Adobe Bridge 1.0  
Adobe Common File Installer  
Adobe Creative Suite 2  
Adobe Flash Player 18 ActiveX  
Adobe Help Center 1.0  
Adobe Photoshop CS2  
Adobe Photoshop CS6  
Adobe Photoshop Lightroom 5.7 64-bit  
Adobe Stock Photos 1.0  
Aiseesoft Video Downloader 6.0.32  
Alcatech BPM Studio Professional v4.9.1  
Apple Application Support  
Apple Software Update  
Asmedia ASM106x SATA Host Controller Driver  
AVG PC TuneUp 2015  
AVG PC TuneUp 2015 (nl-NL)  
AVS Video Converter 9.1  
BD Sizer 3.3.3.0 BETA  
Belgium e-ID middleware 4.1.3 (build 1554)  
Canon IJ Scan Utility  
Canon MG5400 series MP Drivers  
Canon Utilities EOS Utility 2  
CCleaner  
CD-LabelPrint  
Cobian Backup 11 Gravity  
Content Management Utility  
Data Log  
DHTML Editing Component  
dreamboxEDIT -- The one and only settings editor for your Dreambox  
DVD Flick 1.3.0.7  
DVDFab 8.2.2.6 (25/12/2012) Qt  
EASEUS Partition Master 7.0.1 Server Edition  
EDIUS 6.08  
EDIUS Codec Option 6.08  
EDIUS Hardware Drivers  
EOSInfo  
FileZilla Client 3.12.0.2  
Firebird SQL Server - MAGIX Edition  
GetFLV 9.3.1.8  
Google Earth  
Google Update Helper  
High-Definition Video Playback  
Java 7 Update 79  
Java 8 Update 45  
Java Auto Updater  
LightScribe System Software  
MAGIX Online Print Service  
MAGIX Photo Manager 10  
MAGIX PhotoStory on CD & DVD 10 Deluxe Download Version  
MAGIX Screenshare  
MAGIX Speed burnR (MSI)  
Malwarebytes Anti-Malware versie 2.1.8.1057  
marvell 91xx driver  
MEDION NAS TOOL  
Microsoft .NET Framework 4.5.2  
Microsoft .NET Framework 4.5.2 (Nederlands)  
Microsoft .NET Framework 4.5.2 (NLD)  
Microsoft Office 2007 Service Pack 3 (SP3)  
Microsoft Office Access MUI (Dutch) 2007  
Microsoft Office Excel MUI (Dutch) 2007  
Microsoft Office InfoPath MUI (Dutch) 2007  
Microsoft Office Office 64-bit Components 2007  
Microsoft Office Outlook MUI (Dutch) 2007  
Microsoft Office PowerPoint MUI (Dutch) 2007  
Microsoft Office Professional Plus 2007  
Microsoft Office Proof (Dutch) 2007  
Microsoft Office Proof (English) 2007  
Microsoft Office Proof (French) 2007  
Microsoft Office Proof (German) 2007  
Microsoft Office Proofing (Dutch) 2007  
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)  
Microsoft Office Publisher MUI (Dutch) 2007  
Microsoft Office Shared 64-bit MUI (Dutch) 2007  
Microsoft Office Shared MUI (Dutch) 2007  
Microsoft Office Word MUI (Dutch) 2007  
Microsoft Silverlight  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030  
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030  
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501  
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501  
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  
Microsoft_VC80_CRT_x86  
Microsoft_VC90_CRT_x86  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
MyFreeCodec  
Nero 10 ClipartPack  
Nero 10 Menu TemplatePack 1  
Nero 10 Menu TemplatePack 2  
Nero 10 Menu TemplatePack 3  
Nero 10 Menu TemplatePack Basic  
Nero 10 Movie ThemePack 1  
Nero 10 Movie ThemePack 2  
Nero 10 Movie ThemePack 3  
Nero 10 Movie ThemePack 4  
Nero 10 Movie ThemePack Basic  
Nero 10 PiP EffectPack 1  
Nero 10 Sample ImagePack  
Nero 10 Sample Videos  
Nero 10 Video TransitionPack 1  
Nero BackItUp 10  
Nero BackItUp 10 Help (CHM)  
Nero Burning ROM 10  
Nero BurningROM 10 Help (CHM)  
Nero BurnRights 10  
Nero BurnRights 10 Help (CHM)  
Nero Control Center 10  
Nero ControlCenter 10 Help (CHM)  
Nero Core Components 10  
Nero CoverDesigner 10  
Nero CoverDesigner 10 Help (CHM)  
Nero DiscSpeed 10  
Nero DiscSpeed 10 Help (CHM)  
Nero Dolby Files 10  
Nero Express 10  
Nero Express 10 Help (CHM)  
Nero InfoTool 10  
Nero InfoTool 10 Help (CHM)  
Nero MediaHub 10  
Nero MediaHub 10 Help (CHM)  
Nero Multimedia Suite 10 Platinum HD  
Nero Recode 10  
Nero Recode 10 Help (CHM)  
Nero RescueAgent 10  
Nero RescueAgent 10 Help (CHM)  
Nero SoundTrax 10  
Nero SoundTrax 10 Help (CHM)  
Nero StartSmart 10  
Nero StartSmart 10 Help (CHM)  
Nero Update  
Nero Vision 10  
Nero Vision 10 Help (CHM)  
Nero WaveEditor 10  
Nero WaveEditor 10 Help (CHM)  
NetLimiter 3  
NewBlue Video Essentials for EDIUS  
Norton Security  
NVIDIA-configuratiescherm 347.52  
NVIDIA 3D Vision stuurprogramma 347.52  
NVIDIA Display Control Panel  
NVIDIA Grafisch stuurprogramma 347.52  
NVIDIA HD Audio-stuurprogramma 1.3.33.0  
NVIDIA Install Application  
NVIDIA PhysX  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 10.4.0  
NVIDIA Update Core  
Paint Shop Pro 7 ESD  
PDF Settings CS6  
PlayerLiteHJ 1.0.4.1.LHJ  
Popcorn Time  
Potplayer-64 Bits  
Power Data Recovery 3.1.1  
Prey Anti-Theft  
Print Easy  
proDAD Mercalli 2.0  
proDAD Vitascene 1.0  
QuickTime  
Samsung Kies  
SAMSUNG USB Driver for Mobile Phones  
Security Update for Microsoft .NET Framework 4.5.2 (KB2972107)  
Security Update for Microsoft .NET Framework 4.5.2 (KB2972216)  
Security Update for Microsoft .NET Framework 4.5.2 (KB2978128)  
Security Update for Microsoft .NET Framework 4.5.2 (KB2979578v2)  
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)  
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)  
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)  
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition   
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition   
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208) 32-Bit Edition   
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition   
Security Update for Microsoft Office Excel 2007 (KB2965281) 32-Bit Edition   
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition   
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition  
Security Update for Microsoft Office PowerPoint 2007 (KB2965283) 32-Bit Edition   
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition   
Security Update for Microsoft Office Word 2007 (KB3054996) 32-Bit Edition   
Shareaza 2.7.8.0  
Snagit 11  
SolveigMM Video Splitter Business Edition  
Stuurprogrammapakket voor Windows - Fedict SmartCard  (04/22/2015 4.1.3.0)  
Suite Specific  
TFA_Nexus  
Tint  
Turbo Lister 2  
Update for 2007 Microsoft Office System (KB967642)  
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3054986) 32-Bit Edition  
Update voor Microsoft Office Excel 2007 Help (KB963678)  
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)  
Update voor Microsoft Office Word 2007 Help (KB963665)  
VASCO Card Reader Plug-In (64-Bit)  
VASCO Smart Card Reader Plug-In (User)  
VC80CRTRedist - 8.0.50727.6195  
Video Viewer  
Video Watermark Pro  
VLC media player  
VSO ConvertXtoVideo Ultimate 1  
Web Album Generator 1.8.2  
WinRAR archiver  
WonderFox DVD Ripper Pro 7.4  

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{cf044d34-012c-114e-cf04-44d3401234d0} deleted
C:\PROGRA~3\13829027296256722069 deleted
C:\PROGRA~3\DivX deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\Users\Alain\AppData\Roaming\pcouffin.log deleted
C:\PROGRA~3\sysqcl1129067056.dat deleted
C:\PROGRA~3\eBay deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Alain\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Alain\Documents\Updater deleted
C:\Users\Public\Desktop\Aiseesoft Video Downloader.lnk deleted

==== System Specs ======================

Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8182 MB
CPU Info: Intel(R) Core(TM) i7 CPU         950  @ 3.07GHz
CPU Speed: 3160,6 MHz
Sound Card: Luidsprekers (High Definition A | 
Digitale audio (S/PDIF) (High D | 
Digitale audio (S/PDIF) (High D | 
S27C590-3 (NVIDIA High Definiti | 
Display Adapters: NVIDIA GeForce GTX 460 | NVIDIA GeForce GTX 460 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Intel(R) 82567LM-2 Gigabit-netwerkverbinding
CD / DVD Drives: 2x (H: | I: | ) H: HL-DT-STBD-RE  BH10LS30  | I: HL-DT-STBD-RE  BH10LS30
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  167,6GB | D:  686,0GB | E:  245,6GB | F:  596,2GB | G:  596,2GB
Hard Disks - Free: C:  38,4GB | D:  581,5GB | E:  229,7GB | F:  270,1GB | G:  317,9GB
Manufacturer *: Intel Corp.
BIOS Info: AT/AT COMPATIBLE | 04/14/10 | INTEL  - 1450
Time Zone: Romance (standaardtijd)
Motherboard *: Intel Corporation DX58SO
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: Norton Security On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Norton Security disabled (Outdated)
Firewall: Norton Security disabled
Internet Explorer Version: 11.0.9600.17914 
Sun Java version: 1.8.0_45 (32-bit) 
Sun Java version: 1.8.0_45 (64-bit) 

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Alain\AppData\Local\Temp ====
====== Java Cache =====
2015-07-10 12:40:28	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-161e9dc0
2015-07-10 12:40:33	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\47c58863-5cd91fb5
2015-07-03 08:22:37	DBF17A58161E1D2842EA3EE16382E04E	38	----a-w-	C:\Users\Alain\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\6c5ec6c8-6d9c02870d6a663c386d1d14ef0646af0d81983bed207c33dd58d7942e9ade13-6.0.lap
====== C:\Windows\SysWOW64 =====
2015-07-15 12:24:27	E42BB0E02C8F6C8D1CCBFE6AB8EB199F	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-07-15 12:24:27	E3883C13DB4D19E29095C9F4BC27B755	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 12:24:27	D503616B296B869486AA84D6DB8FB6A5	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:24:27	1A04239A054D810CF32C46F2B70C47B7	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:24:26	E8F3572F002B556D19AC3AE4A11CAC2E	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:24:26	95C40DFE3B3CFCEBA2DF9E493945A7B5	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:24:26	87E5B70C9F0DE7E3D620E1E3A60AA274	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:24:26	18465944F711AD3FDE58675C3C42FA99	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:24:26	019019007E6980EACAC80DE04B5D330A	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 12:24:25	E475D4B65088F4F7FABF7D427CD3D30E	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 12:24:25	CC044CFF6018AD0368AF3A8149721407	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:24:25	81ED1F775E5DDBE990D9C3AFF507DAC2	664064	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:24:25	442DB5B16073DE2E79E1912D0B77F343	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:24:25	43CF584D989A4A0EA6B5D3EBFAD260B7	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 12:24:25	2CC6836C44C84583386702468125654F	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-07-15 12:24:25	0CB44ADB09C5BE7CE9D1D1F04E909067	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 12:24:23	72D524ED31A2FBA7432801361CE41FC3	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:24:23	63B01F72FD727D5736DBEF54174D8F93	1951232	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:24:23	17DFCBA042195666632C889E04913E19	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-07-15 12:24:23	0DE5FE06603CF80238EFD9D67AB45A56	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 12:24:15	116F506573B59B85CD0DC18527E9951A	19877376	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:24:14	AFAEB9E4269846C64DC9721B1BFA5CEC	12855296	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:24:14	4E4B3CAC5C62415AF5C6B0167A376EB8	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 12:24:14	37BC6BC6CFC38A6202B28459F7CCE4CD	479232	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:24:14	05CA106A1B68770BDABB9AA7AEAE516A	1310720	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:24:12	8EDF7B6D3A563DAA06DD87053C734168	2279424	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:24:09	3D73FC0D0997DA1EF6F705EF9936AB20	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 12:24:09	31165F9D71D3C249AB97FBAE55DE4B49	4520448	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:24:08	E2A2B221A47271DD4176FB9B93F670E6	93184	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:24:08	CBC91E2E6158358E82D153D811B73C38	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-07-15 12:24:08	7F13188A9656355F664313334971DA22	173056	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:24:08	1728A7831E95BCEEEA3F0D07AE6F74EE	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:24:08	13810657EE732C2F5453C0C877FD5DB2	34816	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:24:06	E97B4515FC3846CB5C6853C40E71EF28	36864	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 12:24:06	E6F375BAA4F839592627DA3E95BF3977	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-07-15 12:24:06	E344031017D52F5F1A4C759A815625CC	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:24:06	CA017983095846BFCFBE9C02B40958B3	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 12:24:06	A719B9156A6DCDBACC201D9163AFF8D1	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-07-15 12:24:06	A41BF25E4F145E1BC00445B6421B9E11	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-07-15 12:24:06	98226182583DF1715F1BE6CCEA6E8D95	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-07-15 12:24:06	96741CBB4CC3638A2BCB11F93B92B738	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-07-15 12:24:06	81E207D09B2A7723A549EFB34B47C7EA	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-07-15 12:24:06	6AE6E08938D5BA9D8BA305506620B48D	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-07-15 12:24:06	4466D67AC240FE1CCCB32BE743BCB488	552960	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:24:06	393FDE87F56A8E98AC1B37ADB2181332	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 12:24:06	2E8C9C3223E05F4B42FB89C03DD09C1D	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-07-15 12:24:06	2B4A31319D74B3D3407AB64942B7FF32	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-07-15 12:24:06	02CD86D59807467D065F521BE81BB858	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:24:03	6E91F67335D57DDFFE798C815444B0E3	210432	----a-w-	C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 12:24:03	143046AC227C193B5B2E0E20BC0CF1DD	312320	----a-w-	C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:24:02	F4AFDB5ABEA0C9079E8193E24D1DB21D	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-07-15 12:24:02	D864C283FFD7C080FDC25FD4C798FF8D	103936	----a-w-	C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 12:24:02	588D52C2D0E60EE71FD5A64407865B10	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-07-15 12:24:02	33F67BBCC3C0499D3F3382473114CFA8	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 12:24:00	5E3ED0FB3D07258A72C27CAFAA9D0101	6131200	----a-w-	C:\Windows\SysWOW64\mstscax.dll
2015-07-15 12:23:59	603ADCCAA52D1E0675C63646AFBBA992	856064	----a-w-	C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 12:23:59	2CECF5A9E952E3165F14267544A2E6A6	53248	----a-w-	C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 12:23:58	4548507ED3C17DB4739DBBEAF6378004	1414656	----a-w-	C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:23:57	F61A069A5517F85662ED9A6C5AD5445A	73216	----a-w-	C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:23:57	D7C4ABB0F1FFA371928EED0C7A6E24DC	2364416	----a-w-	C:\Windows\SysWOW64\msi.dll
2015-07-15 12:23:57	C08582E7F8EA706A2D4A3C7BD5AC35C1	337408	----a-w-	C:\Windows\SysWOW64\msihnd.dll
2015-07-15 12:23:57	A344B1EFA7DB86AE1407039CD596FB1E	25088	----a-w-	C:\Windows\SysWOW64\msimsg.dll
2015-07-15 12:23:57	7B4277F9E9F48D5D8E6AEA341F8048E8	1805824	----a-w-	C:\Windows\SysWOW64\authui.dll
2015-07-15 12:22:40	E5D33416F2BA5E11C11215439DD3BF23	299008	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-07-15 12:22:40	B1BD587DE3E077CBB9F749C2CC3B8D6C	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-07-15 12:22:40	94815184BAAB8518F4027E92C6025505	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-07-15 12:22:40	5945A57802C6641478AF680FF839287E	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-07-15 12:22:40	4644A3B2AFDDAEA57C3EC30F8D079E54	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-07-12 13:11:36	A08EB3468870923D4D01DB45A2B4A405	36664	----a-w-	C:\Windows\SysWOW64\uxtuneup.dll
2015-07-12 13:11:36	3CDDEDDEFE4F6A9994474B97733B603B	25912	----a-w-	C:\Windows\SysWOW64\authuitu.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-07-15 12:24:27	A51BF63E9EA6DDED50A69797EAD23576	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-07-15 12:24:27	50AAC6B4AFD93060456134A29C35FB1E	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-07-15 12:24:26	4887D79B5CE61A00FCC5C53AA2216007	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-07-15 12:24:26	44D98BF1ED7B520602A55446E28D8840	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-07-15 12:24:26	3A46FC42EDE2021399FCD9E4A7A406F8	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-07-15 12:24:25	DAECFA33350D863D49157506587D5EF8	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-07-15 12:24:25	BCE51D1B0F7BC8977CDAECD24A0D4C88	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-07-15 12:24:25	80E899C111219316B94BBA72FAFF7D11	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-07-15 12:24:25	7EEC52D1B800230A4E8EC81B92D61118	389832	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-07-15 12:24:25	434CBA59035C4F3A02E5AB92FD6C816B	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-07-15 12:24:24	BB33A140CA61A22B5882486881E2191A	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-07-15 12:24:24	AF3D4DA49A9C9C9778953CE9D7470C11	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-07-15 12:24:24	58243D92748201D38AACDAEA22527412	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-07-15 12:24:23	B5164F4515C4BC4F45FBF5B3A99685C0	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-07-15 12:24:23	9B9D2B99A865CB3B9BAA9BE77A300680	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-07-15 12:24:23	142D20CA55870589B009D53C37C0B75C	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-07-15 12:24:22	F30702F2607AEE462A6AB8715E72FC03	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-07-15 12:24:22	796A89701B2560FF453FF08FF941A169	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-07-15 12:24:22	74F367C596EEF3106EBC65625F04C807	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-07-15 12:24:22	4024752E6B341B07F3823B7DA72C45D2	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-07-15 12:24:21	E066FDC3A2074D926903B8C31EF3B347	2427392	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-07-15 12:24:21	C95EE658B7816B3588418E948EF55F83	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-07-15 12:24:21	8DA3623D372E5147914973383D998980	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-07-15 12:24:21	88E26FC9F8BDE0635F379BB8FE6BFFF1	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-07-15 12:24:14	FC165889E97E37BCB55C5B79BEB3D331	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-07-15 12:24:14	78E4D3781E5632BA88E5153510BEB625	1545728	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-07-15 12:24:13	D74E2BE157B8A2A9CF29BEBB052B8A42	25193984	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-07-15 12:24:13	6A70888EEC05B45C8990E8977C480019	14453248	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-07-15 12:24:13	120E3CE08505A9637CAB72D35A2D2E8C	615936	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-07-15 12:24:12	41D59904967A4033FB4497DCED7320AD	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-07-15 12:24:09	C4EA3D63E8BF077ECD1E93BF6556AE99	3207168	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-07-15 12:24:09	837BD6BB879405B416A4326C8B723D83	5923840	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-07-15 12:24:09	2A795629E0746D82A229A01EEE75FCE5	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-07-15 12:24:08	F56E83C1EFEDEF919033CBFF071602B6	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-07-15 12:24:08	D79E3C2D45315ADCAA267A05355DFBF5	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-07-15 12:24:08	BC80574FF264848F8613A3F6F7AF7642	192000	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-07-15 12:24:08	AA3E844A2595B1AA5825C70CA50D963E	2603008	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-07-15 12:24:08	84CEF9B2D8ED8006B3975DC1D8109B3D	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-07-15 12:24:08	80381DD7C4797A601E59F8E001B46793	3154944	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-07-15 12:24:08	3F9239D5F65F1318A53EBAEC01C092F1	139776	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-07-15 12:24:08	3EDB01024BA86C5B4D2CB307DC5D3AC0	37376	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-07-15 12:24:08	2896A06239E19379CE44FAFCDB1675B1	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-07-15 12:24:08	00DCC688DF459A9FEE42C7397668C62B	98304	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-07-15 12:24:08	00383E521D3D039968B92A0998BA76FD	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-07-15 12:24:06	F66102F990EE913261ED7907403718ED	729088	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-07-15 12:24:06	F01A58E45BB8E28CCE6BCF272FF0F9A8	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-07-15 12:24:06	EEB192537935BB12A998CAB8F5A07E78	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-07-15 12:24:06	E8560BC8E1B85A5A081AEF43626187B1	44032	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2015-07-15 12:24:06	D5844B744F7BAF826965DD634FF8DB00	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-07-15 12:24:06	C3F6A9A41CC8591EF0370708E54DE474	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-07-15 12:24:06	C3F0594AF92FE71B13A44177FDB80784	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-07-15 12:24:06	B1D191D0EDEB86197A5FD5030B65420F	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-07-15 12:24:06	A66FF313F2F8A6CBF9BB2B0CC92D5ACD	1216512	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-07-15 12:24:06	9F2CCDE3F30C224C082984B6F95D3D95	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-07-15 12:24:06	9EA6DA45B95599C27B1661C1D99307D7	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-07-15 12:24:06	97D879A884E7CDFED51AD63348A35254	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-07-15 12:24:06	7C26CACB82ECA09874B984B155B06AD4	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-07-15 12:24:06	750C44D6F7A708F0C6618F075A0A68A7	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-07-15 12:24:06	55750A7588D91B102EB17E69BFF2AAF1	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-07-15 12:24:06	48A88348F1539CC7C8CB4E032DD79DAA	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-07-15 12:24:06	3B96392CBE54FF44BEAEB0B4BCC65487	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-07-15 12:24:06	09730D830B2B69B626817F4A95945308	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-07-15 12:24:04	F6D23F6707CAEA235E4C84A4AC87EB2A	3180544	----a-w-	C:\Windows\Sysnative\rdpcorets.dll
2015-07-15 12:24:04	960D313FFBC9C4C14D9DFDB1FEB21CBD	16384	----a-w-	C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
2015-07-15 12:24:03	EFFFE1C77ACCE66C82CCFD18A9687F48	404992	----a-w-	C:\Windows\Sysnative\gdi32.dll
2015-07-15 12:24:03	60696836CAD56F1B47059E1BA739787D	254976	----a-w-	C:\Windows\Sysnative\cewmdm.dll
2015-07-15 12:24:02	C5752F5CE47B6B00F914AE91087C0CB4	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-07-15 12:24:02	7EE0A3B9E904AF4744E4D8F00CB5CA32	140288	----a-w-	C:\Windows\Sysnative\cryptnet.dll
2015-07-15 12:24:02	7BC3E861F7E8EB543A630090FAE779E0	188416	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-07-15 12:24:02	71187FA11F58012C188453877E16EB8B	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-07-15 12:24:01	673CF0DA2BE5D86282FC7C5BE3172470	429568	----a-w-	C:\Windows\Sysnative\wksprt.exe
2015-07-15 12:24:00	823BAE27CBF54C1E3E0CD964909A253E	7077376	----a-w-	C:\Windows\Sysnative\mstscax.dll
2015-07-15 12:23:59	18B16B510258DEBE6121CA25CFCD2AE8	1057792	----a-w-	C:\Windows\Sysnative\rdvidcrl.dll
2015-07-15 12:23:59	04A5640833EE276AA4E8C71EB56613AF	62976	----a-w-	C:\Windows\Sysnative\tsgqec.dll
2015-07-15 12:23:58	E3EB94B45A2735D4559558B5899732E8	2087424	----a-w-	C:\Windows\Sysnative\ole32.dll
2015-07-15 12:23:57	D9A91A779B5059E72D7FAD2B38275EA4	3242496	----a-w-	C:\Windows\Sysnative\msi.dll
2015-07-15 12:23:57	CDAD406033C31DB34185DDAECDD35FE2	504320	----a-w-	C:\Windows\Sysnative\msihnd.dll
2015-07-15 12:23:57	978DC0A1FBE9CC91B21B40AF66CB396A	70656	----a-w-	C:\Windows\Sysnative\appinfo.dll
2015-07-15 12:23:57	91593D4FB7D89249014564A5F3EC389B	25088	----a-w-	C:\Windows\Sysnative\msimsg.dll
2015-07-15 12:23:57	81CB8D34112178CE1826C86BA5F268C3	128000	----a-w-	C:\Windows\Sysnative\msiexec.exe
2015-07-15 12:23:57	5489E74E56C0255159C8AE2C70744458	1941504	----a-w-	C:\Windows\Sysnative\authui.dll
2015-07-15 12:23:57	0D9514850CC3A99A6600643F2888858B	112064	----a-w-	C:\Windows\Sysnative\consent.exe
2015-07-15 12:23:48	D236055773550118989C0C81CBE79A29	765440	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-07-15 12:23:48	BBA5CB528CB7482E118D0FEAF808987A	17856	----a-w-	C:\Windows\Sysnative\CompatTelRunner.exe
2015-07-15 12:23:48	782C216AFEE0561680706698F70B2A93	1085440	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-07-15 12:23:48	658B5EC540CD94D76889D0E8390B1C04	433664	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-07-15 12:23:48	5D507961F680D0A0392CC5EB6515E70A	726528	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-07-15 12:23:48	5663847B3DCC8382B1D1F1EEB4A92994	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-07-15 12:23:48	474EA5201E3883F747D540D3EF57C1F2	1145856	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-07-15 12:23:48	0919F433ED64E6CD1912C016F1E80BE7	67584	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-07-15 12:22:40	AE7E9E9581E2B874348A0DF38AD04722	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-07-15 12:22:40	690FE1D790C8C7E94EAA55B669BC5CE0	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-07-15 12:22:40	44F32DF903B984B4C6A164E99A39FC58	372224	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-07-15 12:22:40	373CB9C184589E3BE07412DFD5DF3D4F	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-07-15 12:22:40	2C4AD63E4D89661C9FED77E81053735D	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-07-12 13:11:36	9F4C11A9A4280F49575D0612E4C18E78	44856	----a-w-	C:\Windows\Sysnative\uxtuneup.dll
2015-07-12 13:11:36	722615843CE0F4E1EB48CA2167773694	30520	----a-w-	C:\Windows\Sysnative\authuitu.dll
2015-07-12 13:04:01	69735D2D67321E1AA4124186716FB105	41784	----a-w-	C:\Windows\Sysnative\TURegOpt.exe
====== C:\Windows\Sysnative\drivers =====
2015-07-15 12:24:06	C0A6C3D6E02B61B5D100FE17306C276F	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-07-15 12:24:06	7A7328E427694CC7244235C3BC299F80	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-07-15 12:24:06	45A03A0B6461EFBEE77E0A6AC2816EDA	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-07-15 12:24:06	21AF322605D8C7F2A627C22634D1C9C9	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-07-15 12:24:06	1877EB1495CFBDAB27D6A32F6DDF3818	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-07-13 03:19:44	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-07-13 03:19:33	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-07-13 03:19:33	AE757332EA130E94E646621CC695B52A	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2015-07-13 03:18:45	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
2015-06-19 17:52:12	ECEF6BFF4C61FF06383157A15A82DD0E	3502	----a-w-	C:\Windows\Sysnative\Tasks\AdobeAAMUpdater-1.0-PCAlain-Alain
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-07-14 20:37:39	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-06-27 07:08:13	--------	d-----w-	C:\PROGRA~2\MarkAny
======= C: =====
====== C:\Users\Alain\AppData\Roaming ======
2015-07-12 13:06:02	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG
2015-07-12 13:04:02	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg
2015-07-12 13:03:26	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg
2015-07-12 13:03:19	--------	d-----w-	C:\Users\Alain\AppData\Roaming\AVG
2015-07-12 13:03:19	--------	d-----w-	C:\Users\Alain\AppData\Local\Avg
2015-07-12 03:39:10	--------	d-----w-	C:\Users\Alain\AppData\Roaming\BANDISOFT
2015-07-04 13:53:09	AF7CE12C4F3DC8CB2B07685C916BBCFE	82816	----a-w-	C:\Users\Alain\AppData\Roaming\pcouffin.sys
2015-07-04 13:53:09	7F13C6D2AE5F9D8B41E9D7D6CAD16EAA	1167	----a-w-	C:\Users\Alain\AppData\Roaming\pcouffin.inf
2015-07-04 13:53:09	1E7BDB2AC98BCE13AE85C0F6DB1ECCB8	7859	----a-w-	C:\Users\Alain\AppData\Roaming\pcouffin.cat
2015-07-04 13:53:09	16E53BFC96CE14021C0E07EB1C198478	99384	----a-w-	C:\Users\Alain\AppData\Roaming\inst.exe
2015-07-04 03:24:22	--------	d-----w-	C:\Users\Alain\AppData\Roaming\SolidDocuments
====== C:\Users\Alain ======
2015-07-14 18:49:37	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Alain\Downloads\RSITx64.exe
2015-07-14 06:15:27	F3E543DCE2ABC69ACE60DA130BF346FA	6483456	----a-w-	C:\Users\Alain\Downloads\FileZilla_3.12.0.2_win64-setup.exe
2015-07-12 13:03:46	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2015-07-12 13:02:17	--------	d--h--w-	C:\ProgramData\Common Files
2015-07-12 13:02:14	--------	d-----w-	C:\ProgramData\AVG
2015-07-04 13:53:08	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2015-06-27 07:03:55	--------	d-----w-	C:\Users\Public\Documents\CrashDump
2015-06-22 03:54:57	--------	d-----w-	C:\Users\Alain\Start Menu

====== C: exe-files ==
2015-07-16 07:55:50	D7E523E6F4C911EDFF6A8325ACAEE56C	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe
2015-07-16 07:55:50	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe
2015-07-16 07:55:50	93EE27EEA252951660682E891B72D7F5	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe
2015-07-16 07:55:50	81A1D591D429FF81D443A993B9B91301	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe
2015-07-16 07:55:46	FC8EE235C4F75C96907C25EF1349CB81	130888	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe
2015-07-16 07:55:46	92D840650F95EB60659952AEECAFCE85	305992	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
2015-07-16 07:55:46	54FB3B0B29F76E839C648D2F5983A22C	245576	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
2015-07-16 07:55:33	C6FF00DA1605982E616C03BE809FFE2D	144200	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe
2015-07-16 07:55:29	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\Install\{BF9E5843-3EE3-4311-BEFC-BB5F71CF3963}\GoogleUpdateSetup.exe
2015-07-16 07:55:29	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe
2015-07-16 03:22:01	756B53B44022623FF5F7650EE6835513	17272144	----a-w-	C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\avsvideoconverter.exe
2015-07-15 12:24:27	50AAC6B4AFD93060456134A29C35FB1E	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-07-15 12:24:26	8EA2ED812E996D95DE37CD2CE3158C2C	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-07-15 12:24:26	44D98BF1ED7B520602A55446E28D8840	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-07-15 12:24:25	E475D4B65088F4F7FABF7D427CD3D30E	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 12:24:25	C899B9E60D663BE24B35EFBC29192A7C	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-07-15 12:24:25	A7B6589F92C9CB498CDBA42EBEB23EE4	815312	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-07-15 12:24:25	80E899C111219316B94BBA72FAFF7D11	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-07-15 12:24:23	D295049B06D31020A88B170445123D33	814280	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-07-15 12:24:23	142D20CA55870589B009D53C37C0B75C	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-07-15 12:24:14	3698C298719803F6502612D651A852B2	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-07-15 12:24:14	26492D0AE6279B60A3801EDBE3CB794C	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-07-15 12:24:08	3F9239D5F65F1318A53EBAEC01C092F1	139776	----a-w-	C:\Windows\System32\wuauclt.exe
2015-07-15 12:24:08	3EDB01024BA86C5B4D2CB307DC5D3AC0	37376	----a-w-	C:\Windows\System32\wuapp.exe
2015-07-15 12:24:08	13810657EE732C2F5453C0C877FD5DB2	34816	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:24:06	F01A58E45BB8E28CCE6BCF272FF0F9A8	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-07-15 12:24:06	97D879A884E7CDFED51AD63348A35254	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-07-15 12:24:06	2B4A31319D74B3D3407AB64942B7FF32	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-07-15 12:24:01	673CF0DA2BE5D86282FC7C5BE3172470	429568	----a-w-	C:\Windows\System32\wksprt.exe
2015-07-15 12:23:57	F61A069A5517F85662ED9A6C5AD5445A	73216	----a-w-	C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:23:57	81CB8D34112178CE1826C86BA5F268C3	128000	----a-w-	C:\Windows\System32\msiexec.exe
2015-07-15 12:23:57	0D9514850CC3A99A6600643F2888858B	112064	----a-w-	C:\Windows\System32\consent.exe
2015-07-15 12:23:48	BBA5CB528CB7482E118D0FEAF808987A	17856	----a-w-	C:\Windows\System32\CompatTelRunner.exe
2015-07-14 20:37:40	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Alain.exe
2015-07-14 18:49:37	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Alain\Downloads\RSITx64.exe
2015-07-14 18:49:37	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Documents and Settings\Alain\Downloads\RSITx64.exe
2015-07-14 06:15:27	F3E543DCE2ABC69ACE60DA130BF346FA	6483456	----a-w-	C:\Users\Alain\Downloads\FileZilla_3.12.0.2_win64-setup.exe
2015-07-14 06:15:27	F3E543DCE2ABC69ACE60DA130BF346FA	6483456	----a-w-	C:\Documents and Settings\Alain\Downloads\FileZilla_3.12.0.2_win64-setup.exe
2015-07-12 13:04:01	69735D2D67321E1AA4124186716FB105	41784	----a-w-	C:\Windows\System32\TURegOpt.exe
2015-07-11 08:52:58	B3DBD6A2286BA43018F58349E51EC8B1	691712	----a-w-	C:\Windows\System32\GWX\GWXConfigManager.exe
2015-07-11 08:52:58	7B375C10CACC2FEBEC978D023ADBAB9C	513024	----a-w-	C:\Windows\System32\GWX\GWX.exe
2015-07-11 08:52:58	621FC2FCBB852684C1F1106E28CCC84F	438784	----a-w-	C:\Windows\SysWOW64\GWX\GWX.exe
2015-07-11 08:52:58	1608E63BD26C74BEBB31BCAFDFC96BD6	343040	----a-w-	C:\Windows\System32\GWX\GWXDetector.exe
2015-07-11 08:52:58	0A31B851379818A8ECF1F7643FFA3F5A	382768	----a-w-	C:\Windows\System32\GWX\GWXUXWorker.exe
2015-07-11 08:52:57	6008147E0BDAC5C23A0A314E96783F72	413696	----a-w-	C:\Windows\System32\GWX\GWXUX.exe
2015-07-10 12:40:09	EED888394AC81A663F12C6EC43AB2838	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-07-10 12:40:09	EED888394AC81A663F12C6EC43AB2838	0	----a-we	C:\Documents and Settings\All Users\Oracle\Java\javapath\javaw.exe
2015-07-10 12:40:09	4586CD8F1C929EF184098A22FE31A857	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-07-10 12:40:09	4586CD8F1C929EF184098A22FE31A857	0	----a-we	C:\Documents and Settings\All Users\Oracle\Java\javapath\javaws.exe
2015-07-10 12:40:09	1E2E159D0621A466CFA7CE06E4DA9CAE	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-07-10 12:40:09	1E2E159D0621A466CFA7CE06E4DA9CAE	0	----a-we	C:\Documents and Settings\All Users\Oracle\Java\javapath\java.exe
2015-07-10 12:40:06	FF589C55E0CB6A0A1BD9570217BB1A42	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe
2015-07-10 12:40:06	FD8978875A992C876AF430B35DF9CFA7	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe
2015-07-10 12:40:06	F16868F20E4701142FAEF8C9FA847D27	30304	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe
2015-07-10 12:40:06	EF66D96BC42BCE52686A7635AB11D8DD	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
2015-07-10 12:40:06	EED888394AC81A663F12C6EC43AB2838	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
2015-07-10 12:40:06	D3DA34876B7F6D06D26D29CA77BD25A2	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe
2015-07-10 12:40:06	CF683290B3369A1491A5B8B4D19F79B3	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe
2015-07-10 12:40:06	C57CA849D13177E1F43CFEF51374F1EE	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe
2015-07-10 12:40:06	B66ED84383EA6C6218CA47BC49C15615	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe
2015-07-10 12:40:06	A1A1BC927541346D840BBB511F557848	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe
2015-07-10 12:40:06	98903A3C01AA820E7FCC19A0A60126C0	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe
2015-07-10 12:40:06	88FFC43B0E3BB3E30F70CB7B08D499B4	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe
2015-07-10 12:40:06	5DF39BE82C777B7EDAD34E3A7A7EADB7	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe
2015-07-10 12:40:06	4EA6A4DD2EB584C4C2BF39A9A7D0D580	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe
2015-07-10 12:40:06	4586CD8F1C929EF184098A22FE31A857	271968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe
2015-07-10 12:40:06	3C0A1F0D13A8998E9A1825A853FF3B39	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe
2015-07-10 12:40:06	2682BB5D60C30DCB5A2BC414D01D6764	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-07-10 12:40:06	1F29E31C6B9A487FF32006C4E223BA4F	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe
2015-07-10 12:40:06	1E2E159D0621A466CFA7CE06E4DA9CAE	190560	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe
2015-07-10 12:40:06	1CCD26E1E9FC582ABAA5D5FD1FA47A6B	76384	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-07-10 12:40:06	134D4B0A753808F8F8645DCF3FA00173	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe
=== C: other files ==
2015-07-15 12:26:20	6BC273ABD87823FED24B9A10786C89ED	58005837	----a-w-	C:\Users\Alain\Downloads\facebook-alainpattyn.zip
2015-07-15 12:26:20	6BC273ABD87823FED24B9A10786C89ED	58005837	----a-w-	C:\Documents and Settings\Alain\Downloads\facebook-alainpattyn.zip
2015-07-15 12:24:09	C4EA3D63E8BF077ECD1E93BF6556AE99	3207168	----a-w-	C:\Windows\System32\win32k.sys
2015-07-15 12:24:06	C0A6C3D6E02B61B5D100FE17306C276F	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-07-15 12:24:06	7A7328E427694CC7244235C3BC299F80	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-07-15 12:24:06	45A03A0B6461EFBEE77E0A6AC2816EDA	129024	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2015-07-15 12:24:06	21AF322605D8C7F2A627C22634D1C9C9	290816	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-07-15 12:24:06	1877EB1495CFBDAB27D6A32F6DDF3818	159232	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-07-13 03:19:44	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-07-13 03:19:33	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-07-13 03:19:33	AE757332EA130E94E646621CC695B52A	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-07-13 03:18:45	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-07-10 12:40:06	5DDC15149346900F16B38C65502BACA9	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip

======== System Restore Points ========

RP82: 29/06/2015 19:07:02 - Gepland controlepunt
RP83: 6/07/2015 21:06:46 - Gepland controlepunt
RP84: 8/07/2015 13:51:05 - Herstelbewerking
RP85: 10/07/2015 14:35:02 - Removed Java 8 Update 45
RP86: 11/07/2015 7:32:04 - Herstelbewerking
RP87: 11/07/2015 10:53:07 - Windows Update
RP88: 12/07/2015 15:02:43 - AVG PC TuneUp 2015 is geïnstalleerd
RP89: 13/07/2015 5:25:22 - Removed SDFormatter.
RP90: 15/07/2015 14:24:58 - Windows Update
RP91: 16/07/2015 9:43:05 - zoek.exe restore point

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-758181845-1149531196-340014394-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"MEDION NAS TOOL"="E:\Medin NAS TOOL\MEDION NAS TOOL\MEDION NAS TOOL.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cobian Backup 11"="C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MEDION NAS TOOL"="E:\Medin NAS TOOL\MEDION NAS TOOL\MEDION NAS TOOL.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Acrobat Assistant 8.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 11.0\\Acrobat\\Acrotray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeBridge]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeBridge"
"hkey"="HKCU"
"command"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS6ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPDLR.exe"
"hkey"="HKCU"
"command"="E:\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="E:\\Kies\\Kies.exe /preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="E:\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LightScribe Control Panel"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Download Assistant]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Logitech Download Assistant"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\rundll32.exe C:\\Windows\\System32\\LogiLDA.dll,LogiFetch"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NBAgent"
"hkey"="HKLM"
"command"="\"E:\\NERO\\Nero BackItUp\\NBAgent.exe\" /WinStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvBackend"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SwitchBoard"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wondershare Helper Compact.exe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wondershare Helper Compact.exe"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
"item"="Adobe Gamma"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
"backup"="C:\\Windows\\pss\\Adobe Gamma.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE"


==== Startup Folders ======================

2015-04-06 05:35:43	1153	----a-w-	C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/02/2015 08:26]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/02/2015 08:26]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-PCAlain-Alain" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\WSCStub.exe"]
"C:\Windows\SysNative\tasks\{01EFD430-EF5A-4513-9B35-68E92585CA86}" [E:\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Security\Norton Error Processor" [C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\Exts\Chrome.crx[30/03/2015 14:26]
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[03/12/2014 08:31]
iikflkcanblccfahdhdonehdalibjnif - No path found[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{3E70A80D-1B53-465F-AACC-4EEF29E50CC5}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown  Url="Not_Found"
{358ADB01-B4FA-4058-8716-82AB5D8F6171} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{3E70A80D-1B53-465F-AACC-4EEF29E50CC5} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-758181845-1149531196-340014394-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{F003DA68-8256-4b37-A6C4-350FA04494DF} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Alain\Desktop\Adobe Photoshop CS2.lnk - E:\Adobe Photoshop CS2\Adobe Photoshop CS2\Photoshop.exe 
C:\Users\Alain\Desktop\AVS Video Converter.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe 
C:\Users\Alain\Desktop\ConvertXtoVideo Ultimate 1.lnk - E:\Video converter\vsoVideoConverter.exe 
C:\Users\Alain\Desktop\Daum Potplayer-64 Bits.lnk - C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini64.exe 
C:\Users\Alain\Desktop\dreamboxEDIT.lnk - C:\Program Files (x86)\dreamboxEDIT\dreamboxEDIT.exe 
C:\Users\Alain\Desktop\DumpLogData.lnk - G:\software\Utility-non upgrade\Utility\Utility-Demo\Utility-Demo\DumpLogData.exe 
C:\Users\Alain\Desktop\DVD Flick.lnk - E:\DVD Flick\dvdflick.exe 
C:\Users\Alain\Desktop\DVDFab 8 Qt.lnk - E:\DVDFab 8 Qt\DVDFab.exe 
C:\Users\Alain\Desktop\GetFLV.lnk - E:\GetFLV\GetFLV.exe /ld
C:\Users\Alain\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe 
C:\Users\Alain\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Alain\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe 
C:\Users\Alain\Desktop\Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe 
C:\Users\Alain\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe 
C:\Users\Alain\Desktop\NetLimiter 3.lnk - E:\Netlimiter PRO\NLClientApp.exe 
C:\Users\Alain\Desktop\Photoshop CS6.lnk - E:\Adobe Photoshop CS6\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe 
C:\Users\Alain\Desktop\SolveigMM Video Splitter Business Edition.lnk - E:\Solveig video splitter\SMMVSplitter_Business.exe 
C:\Users\Alain\Desktop\Video Watermark Pro.lnk - E:\Video watermerk\Video Watermark Pro\VideoWatermark.exe 
C:\Users\Alain\Desktop\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Alain\Desktop\WonderFox DVD Ripper Pro.lnk - C:\Program Files (x86)\WonderFox Soft\WonderFox DVD Ripper\DVDRipperPro.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\BDSizer.lnk - C:\Program Files (x86)\IDimager Products\BD Sizer\BDSizer.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\Content Management Utility.lnk - E:\Sony CMU\Applications\CMUBrowser.exe 
C:\Users\Public\Desktop\eBay Turbo Lister 2.lnk - E:\Turbo Lister\Tl.exe 
C:\Users\Public\Desktop\EDIUS 6.lnk - C:\Program Files (x86)\Grass Valley\EDIUS 6\EDIUS.exe 
C:\Users\Public\Desktop\EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe 
C:\Users\Public\Desktop\Lightroom 5.7 64-bits.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 5.7\lightroom.exe 
C:\Users\Public\Desktop\MAGIX PhotoStory on CD & DVD 10.lnk - E:\PhotoStory_on_CD_DVD_10_Deluxe_DLV\Fotos_dlx.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\MEDION NAS TOOL.lnk - E:\Medin NAS TOOL\MEDION NAS TOOL\MEDION NAS TOOL.exe 
C:\Users\Public\Desktop\Nero Burning ROM 10.lnk - C:\Windows\Installer\{7A5D731D-B4B3-490E-B339-75685712BAAB}\ScBurningROMStartM_7533AE23D677474387D2A66427FA7052.exe 
C:\Users\Public\Desktop\Nero StartSmart 10.lnk - C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe 
C:\Users\Public\Desktop\Norton Security.lnk - C:\Program Files (x86)\Norton Security\Engine64\22.2.0.31\uistub.exe 
C:\Users\Public\Desktop\Perfect Photo Suite 9.lnk - C:\Program Files\onOne Software\Perfect Photo Suite 9\Perfect Photo Suite 9.exe 
C:\Users\Public\Desktop\Popcorn Time.lnk - C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe --no-proxy-server
C:\Users\Public\Desktop\Print Easy.lnk - E:\Print Easy\PrintPratic.exe 
C:\Users\Public\Desktop\Shareaza.lnk - E:\Shareaza\Shareaza.exe 
C:\Users\Public\Desktop\Tfa_Nexus.lnk - C:\Program Files\Tfa_Nexus.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU\De-installeren.lnk - C:\Program Files (x86)\AVS4YOU\Uninstall.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT\Changelog.lnk - C:\Program Files (x86)\dreamboxEDIT\Changelog.txt 
C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT\dreamboxEDIT.lnk - C:\Program Files (x86)\dreamboxEDIT\dreamboxEDIT.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT\Uninstall.lnk - C:\Program Files (x86)\dreamboxEDIT\Uninstall.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT\Version notes.lnk - C:\Program Files (x86)\dreamboxEDIT\Version notes.txt 
C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton\Norton-installatiebestanden.lnk - C:\Users\Public\Downloads\Norton\{NS221009-SHPD-FSD50064} 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk - E:\Adobe Photoshop CS6\Adobe Bridge CS6 (64 Bit)\Bridge.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk - E:\Adobe Photoshop CS6\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk - E:\Adobe Photoshop CS6\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-bits.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 5.7\lightroom.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech\BPM Studio 4 Profi.lnk - E:\BPM-Studio Profi\BPM.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech\BPM-Studio 4 Handbuch.lnk - E:\BPM-Studio Profi\bpmpro4-manual-de.pdf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech\BPM-Studio 4 Manual.lnk - E:\BPM-Studio Profi\bpmpro4-manual-en.pdf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech\BPM-Studio 4 Player.lnk - E:\BPM-Studio Profi\BPMPlay.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech\BPM-Studio 4 Profi - Clean Start.lnk - E:\BPM-Studio Profi\BPM.exe  /R
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech\BPM-Studio WEB.lnk - E:\BPM-Studio Profi\BPMStudio.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech\Readme.lnk - E:\BPM-Studio Profi\Readme.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALCATech\SwiftSoft WEB (Dev.Tools).lnk - E:\BPM-Studio Profi\SwiftSoft.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology\ASM106x SATA Driver\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /x {61942EF5-2CD8-47D4-869C-2E9A8BB085F1} 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\astrojargon.net\EOSInfo.exe.lnk - C:\Program Files (x86)\astrojargon.net\EOSInfo\EOSInfo.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015\Help AVG PC TuneUp.lnk - C:\ProgramData\AVG\AWL2015\nl-NL\main_vista_7.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Activering.lnk - C:\Program Files (x86)\AVS4YOU\Registration.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Help.lnk - C:\Program Files (x86)\AVS4YOU\AVS4YOUHelp.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Licentieovereenkomst.lnk - C:\Program Files (x86)\AVS4YOU\License Agreement.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU\Video\AVS Video Converter.lnk - C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\Utilities\MS Office 2010 XAdES XL signature configuration.lnk - C:\Program Files (x86)\Belgium Identity Card\beidoffice2010_XAdES_XL.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\Utilities\MS Outlook registry configuration.lnk - C:\Program Files (x86)\Belgium Identity Card\beidoutlooksnc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Cobian Backup 11 - Application.lnk - C:\Program Files (x86)\Cobian Backup 11\Cobian.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Cobian Backup 11 - User interface.lnk - C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Permissions tool.lnk - C:\Program Files (x86)\Cobian Backup 11\cbPermissions.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Remote Manager.lnk - C:\Program Files (x86)\Cobian Backup 11\cbRemoteManager.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11\Uninstall Cobian Backup 11.lnk - C:\Program Files (x86)\Cobian Backup 11\cbUninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum\Daum Potplayer-64 Bits\Daum Potplayer-64 Bits.lnk - C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum\Daum Potplayer-64 Bits\Uninstall Potplayer-64 Bits.lnk - C:\Program Files\DAUM\PotPlayer\uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Computing\Print Easy\Print Easy.lnk - E:\Print Easy\PrintPratic.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Computing\Print Easy\Verwijderen.lnk - E:\Print Easy\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk - E:\FileZilla FTP Client\filezilla.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk - E:\FileZilla FTP Client\uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDION\MEDION NAS TOOL\MEDION NAS TOOL.lnk - E:\Medin NAS TOOL\MEDION NAS TOOL\MEDION NAS TOOL.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDION\MEDION NAS TOOL\Uninstall.lnk - E:\Medin NAS TOOL\MEDION NAS TOOL\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software\Perfect Effects Free 9\Perfect Effects Free 9.lnk - C:\Program Files\onOne Software\Perfect Effects Free 9\Perfect Effects Free 9.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software\Perfect Photo Suite 9\Perfect Photo Suite 9.lnk - C:\Program Files\onOne Software\Perfect Photo Suite 9\Perfect Photo Suite 9.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\Help.lnk - E:\Solveig video splitter\Lang_Splitter\eng.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\Home Page.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\LICENSE.LGPL.lnk - E:\Solveig video splitter\LICENSE.LGPL 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\License.lnk - E:\Solveig video splitter\EULAC.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SolveigMM Console Splitter.lnk - E:\Solveig video splitter\SMM_BatchSplit.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\SolveigMM Video Splitter Business Edition.lnk - E:\Solveig video splitter\SMMVSplitter_Business.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\Uninstall.lnk - E:\Solveig video splitter\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\Web Forum.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia\SolveigMM Video Splitter Business Edition\WEBMLICENSE.txt.lnk - E:\Solveig video splitter\WEBMLICENSE.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TFA_Nexus\Tfa_Nexus.lnk - C:\Program Files\Tfa_Nexus.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TFA_Nexus\Uninstall TFA_Nexus.lnk - C:\Windows\AKDeInstall.exe /x "C:\Program Files\unins2.dat"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoVideo Ultimate 1\ConvertXtoVideo Ultimate 1.lnk - E:\Video converter\vsoVideoConverter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoVideo Ultimate 1\Vertaal ConvertXtoVideo Ultimate 1.lnk - C:\ProgramData\VSO\ConvertXtoVideo Ultimate\1\Lang\EditLoc_online.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoVideo Ultimate 1\Verwijder  ConvertXtoVideo Ultimate 1.lnk - E:\Video converter\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoVideo Ultimate 1\ Stuurprogramma’s\  Verwijder Stuurprogramma (Compatibiliteits Modus).lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoVideo Ultimate 1\ Stuurprogramma’s\ Controleer.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO\ConvertXtoVideo Ultimate 1\ Stuurprogramma’s\ Installeer.lnk -  

==== shortcuts in Quick Launch ======================

C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Daum Potplayer-64 Bits.lnk - C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay Turbo Lister 2.lnk - E:\Turbo Lister\tl.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MAGIX Photo Manager 10.lnk - C:\Program Files (x86)\MAGIX\Photo_Manager_10\FotoManager_dlx.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE  /recycle
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - E:\Kies\KiesAgent.exe /lite
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - E:\Kies\KiesAgent.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Alain\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Uninstall List x64 ======================

Adobe Acrobat XI Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-1033-FFFF-7760-000000000006}]
Adobe Bridge 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B74D4E10-6884-0000-0000-000000000101}]
Adobe Common File Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8EDBA74D-0686-4C99-BFDD-F894678E5102}]
Adobe Creative Suite 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0134A1A1-C283-4A47-91A1-92F19F960372}]
Adobe Flash Player 18 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Help Center 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E9787678-551D-4478-9682-DBB587257110}]
Adobe Photoshop CS2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{236BB7C4-4419-42FD-0413-1E257A25E34D}]
Adobe Photoshop CS6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}]
Adobe Photoshop Lightroom 5.7 64-bit [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}]
Adobe Stock Photos 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{786C5747-1437-443D-B06E-79A00FE45110}]
Aiseesoft Video Downloader 6.0.32 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D568512-220B-4377-95CE-DCCF9235A612}_is1]
Alcatech BPM Studio Professional v4.9.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Alcatech BPM Studio Professional v4.9.1]
Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}]
Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}]
Asmedia ASM106x SATA Host Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}]
AVG PC TuneUp 2015 (nl-NL) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{230585A9-D334-46AD-A090-9E3531A40105}]
AVG PC TuneUp 2015 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A996C182-3724-4DF1-A4BC-66154FE57DFE}]
AVS Video Converter 9.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVS4YOU Video Converter 7_is1]
BD Sizer 3.3.3.0 BETA [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B326137B-1DB2-4253-AC66-3AFD0054B666}_is1]
Belgium e-ID middleware 4.1.3 (build 1554) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DB942AEA-93D6-4FE4-8862-180D35A71554}]
Canon IJ Scan Utility [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Scan_Utility]
Canon MG5400 series MP Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series]
Canon Utilities EOS Utility 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EOS Utility 2]
CCleaner  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
CD-LabelPrint  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MediaNavigation.CDLabelPrint]
Cobian Backup 11 Gravity [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CobBackup11]
Content Management Utility [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BAB204E-AAB2-45DF-9C06-4473865892DF}]
Data Log [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A549CF84-72D7-417E-9CD5-1C3E06414E6B}]
DHTML Editing Component [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}]
dreamboxEDIT -- The one and only settings editor for your Dreambox [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\dreamboxEDIT]
DVD Flick 1.3.0.7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVD Flick_is1]
DVDFab 8.2.2.6 (25/12/2012) Qt [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDFab 8 Qt_is1]
EASEUS Partition Master 7.0.1 Server Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EASEUS Partition Master Server Edition_is1]
EDIUS 6.08 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B91A1230-C199-421e-8F63-7235731D925E}]
EDIUS Codec Option 6.08 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{28C515CC-489B-4c02-898E-FE5B790E52FF}]
EDIUS Hardware Drivers [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A1FCDE3-7B05-4821-AD83-B58117E6D0DF}]
EOSInfo  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CC23FF9A-989C-4DEB-8970-50E6E4862315}]
FileZilla Client 3.12.0.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FileZilla Client]
Firebird SQL Server - MAGIX Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}]
GetFLV 9.3.1.8 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GetFLV_is1]
Google Earth [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{817750FA-EC6A-485D-9901-0683AE6FFDF1}]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}]
High-Definition Video Playback [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{237CCB62-8454-43E3-B158-3ACD0134852E}]
Java 7 Update 79 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217079FF}]
Java 8 Update 45 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218045F0}]
LightScribe System Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82EF29B1-9B60-4142-A155-0599216DD053}]
MAGIX Online Print Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3CDD46D-BE0D-4401-BEBC-F5D995049DF9}]
MAGIX Photo Manager 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B4DC018-42BA-4384-8671-83F2AF623FC3}]
MAGIX Photo Manager 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MAGIX_MSI_Foto_Manager_10]
MAGIX PhotoStory on CD & DVD 10 Deluxe Download Version [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FFCC4F5-6ED0-4814-8C8F-84D7F4857DC8}]
MAGIX PhotoStory on CD & DVD 10 Deluxe Download Version [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx]
MAGIX Screenshare [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{66120AC1-2B4A-4BD4-8D3C-7BC30FD5A5C4}]
MAGIX Speed burnR (MSI) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4099FB98-FA37-4B4E-9C81-39EE0B3CDE85}]
Malwarebytes Anti-Malware versie 2.1.8.1057 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1]
marvell 91xx driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MagniDriver]
MEDION NAS TOOL [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MEDION NAS TOOL]
Microsoft .NET Framework 4.5.2 (Nederlands) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043]
Microsoft .NET Framework 4.5.2 (NLD) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AD1F4FA8-65AF-3EAC-A27A-BB08E2686BE2}]
Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26784146-6E05-3FF9-9335-786C7C0FB5BE}]
Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PROPLUS]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A96702F7-EFC8-3EED-BE46-22C809D4EBE5}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}]
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}]
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37B8F9C7-03FB-3253-8781-2517C99D7C00}]
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}]
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9}]
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}]
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{050d4fc8-5d48-4b8f-8972-47c82c46020f}]
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f65db027-aff3-4070-886a-0d87064aabb1}]
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{929FBD26-9020-399B-9A7A-751D61F0B942}]
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}]
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}]
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}]
Microsoft_VC80_CRT_x86  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}]
Microsoft_VC90_CRT_x86  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}]
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
MyFreeCodec  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec]
Nero 10 ClipartPack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96ED4B78-300E-4033-AE6C-C115CEB4DF07}]
Nero 10 Menu TemplatePack 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}]
Nero 10 Menu TemplatePack 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E712C273-7564-4C8E-AA59-0FA19BC35117}]
Nero 10 Menu TemplatePack 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92146419-AE44-4C8B-A48B-0ABB1B5EC026}]
Nero 10 Menu TemplatePack Basic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63AA3EAB-23BB-48B2-9AD0-44F878075604}]
Nero 10 Movie ThemePack 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43FBAB46-5969-4200-9958-1FF81FEE506F}]
Nero 10 Movie ThemePack 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70F19404-B96C-4EBB-AD2B-3574F8736197}]
Nero 10 Movie ThemePack 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}]
Nero 10 Movie ThemePack 4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}]
Nero 10 Movie ThemePack Basic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}]
Nero 10 PiP EffectPack 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}]
Nero 10 Sample ImagePack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ACD15FDF-FC42-4175-B477-576F92FF2256}]
Nero 10 Sample Videos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92A10E9D-EA00-4A46-8F22-EEA660992D61}]
Nero 10 Video TransitionPack 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{85BEC8F6-9AA3-43FF-B56B-8276277137B3}]
Nero BackItUp 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{68AB6930-5BFF-4FF6-923B-516A91984FE6}]
Nero BackItUp 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}]
Nero Burning ROM 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7A5D731D-B4B3-490E-B339-75685712BAAB}]
Nero BurningROM 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}]
Nero BurnRights 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{943CFD7D-5336-47AF-9418-E02473A5A517}]
Nero BurnRights 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{555868C6-49FB-484F-BB43-8980651A1B00}]
Nero Control Center 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}]
Nero ControlCenter 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}]
Nero Core Components 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}]
Nero CoverDesigner 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FCF00A6E-FB58-477A-ABE9-232907105521}]
Nero CoverDesigner 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3273C55-E1E4-41FF-8D69-0158090DB8D8}]
Nero DiscSpeed 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34490F4E-48D0-492E-8249-B48BECF0537C}]
Nero DiscSpeed 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C18A0418-442A-4186-AF98-D08F5054A2FC}]
Nero Dolby Files 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3580AC4-C827-4332-B935-9A282ED5BB97}]
Nero Express 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70550193-1C22-445C-8FA4-564E155DB1A7}]
Nero Express 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33643918-7957-4839-92C7-EA96CB621A98}]
Nero InfoTool 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}]
Nero InfoTool 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{66049135-9659-4AAD-9169-9CCA269EBB3E}]
Nero MediaHub 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}]
Nero MediaHub 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F467862A-D9CA-47ED-8D81-B4B3C9399272}]
Nero Multimedia Suite 10 Platinum HD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}]
Nero Recode 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}]
Nero Recode 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}]
Nero RescueAgent 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E337E787-CF61-4B7B-B84F-509202A54023}]
Nero RescueAgent 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92E25238-61A3-4ACD-A407-3C480EEF47A7}]
Nero SoundTrax 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}]
Nero SoundTrax 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{16987E99-C95C-4513-9239-7B44A0A71DB5}]
Nero StartSmart 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}]
Nero StartSmart 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}]
Nero Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}]
Nero Vision 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}]
Nero Vision 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{329411A0-19F3-4740-874F-17400B126F27}]
Nero WaveEditor 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}]
Nero WaveEditor 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7A295D8F-484B-4FFB-89AB-C1FD497591FE}]
NetLimiter 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{913923AB-3AAB-4870-8910-627C4CD82789}]
NewBlue Video Essentials for EDIUS [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NewBlue Video Essentials for EDIUS]
Norton Security [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NS]
NVIDIA-configuratiescherm 347.52 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]
NVIDIA 3D Vision stuurprogramma 347.52 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision]
NVIDIA Display Control Panel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Display Control Panel]
NVIDIA Grafisch stuurprogramma 347.52 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]
NVIDIA HD Audio-stuurprogramma 1.3.33.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver]
NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]
NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}]
NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo]
NVIDIA Update 10.4.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]
NVIDIA Update Core [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core]
Paint Shop Pro 7 ESD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}]
PDF Settings CS6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}]
PlayerLiteHJ 1.0.4.1.LHJ [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B435433C-110A-4853-843A-7BD1EE59624E}_is1]
Popcorn Time [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn Time_is1]
Potplayer-64 Bits [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PotPlayer64]
Power Data Recovery 3.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Power Data Recovery_is1]
Prey Anti-Theft [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{138CE0A5-B998-4007-9D34-116BD9D55103}]
Print Easy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Print Easy]
proDAD Mercalli 2.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\proDAD-Mercalli-2.0]
proDAD Vitascene 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\proDAD-Vitascene-1.0]
QuickTime  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E7004147-2CCA-431C-AA05-2AB166B9785D}]
Samsung Kies [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{758C8301-2696-4855-AF45-534B1200980A}]
Samsung Kies [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\25_escape]
SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}]
Shareaza 2.7.8.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Shareaza_is1]
Snagit 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}]
SolveigMM Video Splitter Business Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SolveigMM Video Splitter Business Edition 5.0.1505.19]
Stuurprogrammapakket voor Windows - Fedict SmartCard  (04/22/2015 4.1.3.0) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\61FC7FD6701234E31694AE6FBBF17F4D45D5EB49]
Suite Specific [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}]
TFA_Nexus  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TFA_Nexus]
Tint  [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\tint]
Turbo Lister 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8927E07C-97F7-4A54-88FB-D976F50DD46E}]
VASCO Card Reader Plug-In (64-Bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47659F12-27AE-6400-9B8A-2BD803020304}]
VASCO Smart Card Reader Plug-In (User) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c77cb28d-ddd3-46f7-b51a-14a599127ba7}]
VC80CRTRedist - 8.0.50727.6195 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{933B4015-4618-4716-A828-5289FC03165F}]
Video Viewer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Viewer]
Video Watermark Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VideoWatermarkPro]
VLC media player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]
VSO ConvertXtoVideo Ultimate 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{{ECDB800F-E1F0-48FE-B393-E12E40CD3A89}_is1]
Web Album Generator 1.8.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Web Album Generator_is1]
WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
WonderFox DVD Ripper Pro 7.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WonderFox DVD Ripper Pro]

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\coIEPlg.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MEDION NAS TOOL] E:\Medin NAS TOOL\MEDION NAS TOOL\MEDION NAS TOOL.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: EOS Utility.lnk = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} (CV781Object Object) - http://avm565a-sn.ddns.eagleeyes.tw:85/AVC_AX_764.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 11.45.2) - http://javadl-esd.sun.com/update/1.7.0/jinstall-7u45-windows-i586.cab
O16 - DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} (AMCCtrl Class) - http://178.118.209.245:8910/AVC_AX_742.cab
O18 - Protocol: bw+0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw+0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw-0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw-0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw00 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw00s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw10 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw10s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw20 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw20s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw30 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw30s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw40 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw40s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw50 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw50s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw60 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw60s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw70 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw70s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw80 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw80s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw90 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bw90s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwa0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwa0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwb0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwb0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwc0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwc0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwd0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwd0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwe0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwe0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwf0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwf0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwg0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwg0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwh0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwh0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwi0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwi0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwj0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwj0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwk0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwk0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwl0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwl0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwm0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwm0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwn0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwn0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwo0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwo0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwp0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwp0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwq0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwq0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwr0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bws0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bws0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwt0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwt0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwu0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwu0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwv0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwv0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bww0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bww0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwx0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwx0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwy0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwy0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwz0 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: bwz0s - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O18 - Protocol: offline-8876480 - {0D007CF8-170C-4634-95F3-960AB4C74859} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Cron Service (CronService) - Fork, Ltd. - E:\Prey\wpxsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetLimiter 3 Service (nlsvc) - Locktime Software - E:\Netlimiter PRO\nlsvc.exe
O23 - Service: Norton Security (NS) - Symantec Corporation - C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\NS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - E:\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Silent Runners ======================

"Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
MEDION NAS TOOL = E:\Medin NAS TOOL\MEDION NAS TOOL\MEDION NAS TOOL.exe [null data]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++}
(Default) = (empty string) [file not found]
Cobian Backup 11 = "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe" [Luis Cobian, CobianSoft]
SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Oracle Corporation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\(Default) = Norton Identity Protection
  -> {HKLM...CLSID} = Norton Identity Protection
                   \InProcServer32\(Default) = C:\Program Files (x86)\Norton Security\Engine64\22.2.0.31\coIEPlg.dll [Symantec Corporation]
  -> {HKLM...Wow...CLSID} = Norton Identity Protection
                         \InProcServer32\(Default) = C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\coIEPlg.dll [Symantec Corporation]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\(Default) = Norton Identity Protection
  -> {HKLM...CLSID} = Norton Identity Protection
                   \InProcServer32\(Default) = C:\Program Files (x86)\Norton Security\Engine64\22.2.0.31\coIEPlg.dll [Symantec Corporation]
  -> {HKLM...Wow...CLSID} = Norton Identity Protection
                         \InProcServer32\(Default) = C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\coIEPlg.dll [Symantec Corporation]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
  -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper
                         \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [Oracle Corporation]

{AE7CD045-E861-484f-8273-0445EE161910}\(Default) = (no title provided)
  -> {HKLM...CLSID} = Adobe Acrobat Create PDF Helper
                   \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [Adobe Systems Incorporated]
  -> {HKLM...Wow...CLSID} = Adobe Acrobat Create PDF Helper
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [Adobe Systems Incorporated]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
  -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper
                         \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [Oracle Corporation]

{F4971EE7-DAA0-4053-9964-665D8EE6A077}\(Default) = SmartSelect
  -> {HKLM...CLSID} = Adobe Acrobat Create PDF from Selection
                   \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [Adobe Systems Incorporated]
  -> {HKLM...Wow...CLSID} = Adobe Acrobat Create PDF from Selection
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [Adobe Systems Incorporated]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class
  -> {HKLM...CLSID} = DesktopContext Class
                   \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation]

{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension
  -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension
                   \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
  -> {HKLM...CLSID} = (no title provided)
                   \InProcServer32\(Default) = C:\PROGRA~1\MICROS~1\Office12\MSOHEVI.DLL [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
  -> {HKLM...CLSID} = Microsoft Office Metadata Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
  -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{B41DB860-64E4-11D2-9906-E49FADC173CA} = WinRAR shell extension
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

{CF74B903-3389-469c-B3B6-0204D204FCBD} = SnagIt Shell Extension
  -> {HKLM...CLSID} = SnagItShellExt Class
                   \InProcServer32\(Default) = E:\SNAGIT\DLLx64\SnagitShellExt64.dll [TechSmith Corporation]

{A6595CD1-BF77-430A-A452-18696685F7C7} = Adobe.Acrobat.ContextMenu
  -> {HKLM...CLSID} = Acrobat Elements Context Menu
                   \InProcServer32\(Default) = C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [Adobe Systems Inc.]

{44440D00-FF19-4AFC-B765-9A0970567D97} = TuneUp Theme Extension
  -> {HKLM...CLSID} = TuneUp Theme Extension
                   \InProcServer32\(Default) = C:\Windows\System32\uxtuneup.dll [AVG Technologies]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler
  -> {HKLM...Wow...CLSID} = Outlook File Icon Extension
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL [MS]

{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler
  -> {HKLM...Wow...CLSID} = Microsoft Office Outlook
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
  -> {HKLM...Wow...CLSID} = (no title provided)
                         \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
  -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler
                         \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
  -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler
                         \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{CF74B903-3389-469c-B3B6-0204D204FCBD} = SnagIt Shell Extension
  -> {HKLM...Wow...CLSID} = SnagItShellExt Class
                         \InProcServer32\(Default) = E:\SNAGIT\SnagitShellExt.dll [TechSmith Corporation]

{F764812A-132C-4013-9960-5CBBEB408A0E} = Nero Shell Extension
  -> {HKLM...Wow...CLSID} = NeroShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}
  -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter
                   \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

SnagItMainShellExt\(Default) = {CF74B903-3389-469c-B3B6-0204D204FCBD}
  -> {HKLM...CLSID} = SnagItShellExt Class
                   \InProcServer32\(Default) = E:\SNAGIT\DLLx64\SnagitShellExt64.dll [TechSmith Corporation]
  -> {HKLM...Wow...CLSID} = SnagItShellExt Class
                         \InProcServer32\(Default) = E:\SNAGIT\SnagitShellExt.dll [TechSmith Corporation]

Symantec.Norton.Antivirus.IEContextMenu\(Default) = {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
  -> {HKLM...CLSID} = IEContextMenu Class
                   \InProcServer32\(Default) = "C:\Program Files (x86)\Norton Security\Engine64\22.2.0.31\NavShExt.dll" [Symantec Corporation]

{A4FD8DDB-5800-4414-97F9-7457AC8EE4F0}\(Default) = (no title provided)
  -> {HKLM...Wow...CLSID} = NBShellHook Class
                         \InProcServer32\(Default) = E:\NERO\Nero BackItUp\NBShell.dll [Nero AG]

{F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided)
  -> {HKLM...Wow...CLSID} = NeroShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG]

HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\

NBShellHook\(Default) = {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0}
  -> {HKLM...Wow...CLSID} = NBShellHook Class
                         \InProcServer32\(Default) = E:\NERO\Nero BackItUp\NBShell.dll [Nero AG]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

SnagItMainShellExt\(Default) = {CF74B903-3389-469c-B3B6-0204D204FCBD}
  -> {HKLM...CLSID} = SnagItShellExt Class
                   \InProcServer32\(Default) = E:\SNAGIT\DLLx64\SnagitShellExt64.dll [TechSmith Corporation]
  -> {HKLM...Wow...CLSID} = SnagItShellExt Class
                         \InProcServer32\(Default) = E:\SNAGIT\SnagitShellExt.dll [TechSmith Corporation]

{F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided)
  -> {HKLM...Wow...CLSID} = NeroShellExt Class
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG]

HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\

FileZilla3CopyHook\(Default) = {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B}
  -> {HKLM...CLSID} = FileZilla 3 Shell Extension
                   \InProcServer32\(Default) = E:\FileZilla FTP Client\fzshellext_64.dll [null data]
  -> {HKLM...Wow...CLSID} = FileZilla 3 Shell Extension
                         \InProcServer32\(Default) = E:\FileZilla FTP Client\fzshellext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
  -> {HKLM...Wow...CLSID} = WinRAR
                         \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext32.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}
  -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension
                   \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
  -> {HKLM...Wow...CLSID} = PDF Shell Extension
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

Symantec.Norton.Antivirus.IEContextMenu\(Default) = {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}
  -> {HKLM...CLSID} = IEContextMenu Class
                   \InProcServer32\(Default) = "C:\Program Files (x86)\Norton Security\Engine64\22.2.0.31\NavShExt.dll" [Symantec Corporation]

{A4FD8DDB-5800-4414-97F9-7457AC8EE4F0}\(Default) = (no title provided)
  -> {HKLM...Wow...CLSID} = NBShellHook Class
                         \InProcServer32\(Default) = E:\NERO\Nero BackItUp\NBShell.dll [Nero AG]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

NBShellHook\(Default) = {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0}
  -> {HKLM...Wow...CLSID} = NBShellHook Class
                         \InProcServer32\(Default) = E:\NERO\Nero BackItUp\NBShell.dll [Nero AG]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}
  -> {HKLM...CLSID} = WinRAR
                   \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
  -> {HKLM...Wow...CLSID} = WinRAR
                         \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext32.dll [Alexander Roshal]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NofolderOptions = (REG_DWORD) dword:0x00000000
{User Configuration|Administrative Templates|Windows Components|Windows Explorer|
Removes the Folder Options menu item from the Tools menu}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

DisableRegistryTools = (REG_DWORD) dword:0x00000000
{User Configuration|Administrative Templates|System|
Prevent access to registry editing tools}

DisableTaskMgr = (REG_DWORD) dword:0x00000000
{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

EnableLinkedConnections = (REG_DWORD) dword:0x00000001
{unrecognized setting}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

BridgeCS6ImportMediaOnArrival\
Provider = Adobe Bridge CS6
InvokeProgID = Adobe.adobebridgeCS6
InvokeVerb = launch
HKLM\SOFTWARE\Classes\Adobe.adobebridgeCS6\shell\launch\command\(Default) = E:\Adobe Photoshop CS6\Adobe Bridge CS6 (64 Bit)\bridgeproxy.exe -v %1 [Adobe Systems, Inc.]

BridgeCS6NonVolumeHandler\
Provider = Adobe Bridge CS6
ProgID = Adobe.adobebridgeMTP_1
HKLM\SOFTWARE\Classes\Adobe.adobebridgeMTP_1\CLSID\(Default) = {1E6C711B-6D70-4a65-8AB6-745DC19BE2A6}
  -> {HKLM...CLSID} = Adobe Bridge CS6
                   \LocalServer32\(Default) = E:\Adobe Photoshop CS6\Adobe Bridge CS6 (64 Bit)\bridgeproxy.exe -m [Adobe Systems, Inc.]

DVDFab5OnDVDArrival\
Provider = DVDFab 8
InvokeProgID = DVDFab5Open
InvokeVerb = Open
HKLM\SOFTWARE\Classes\DVDFab5Open\shell\Open\command\(Default) = "E:\DVDFab 8 Qt\DVDFab.exe" "%1" [Fengtao Software Inc.]

Lightroom5BetaAutoPlayHandler64\
Provider = Adobe Photoshop Lightroom 5.0 64
InvokeProgID = Adobe.AdobeLightroom64
InvokeVerb = open
HKLM\SOFTWARE\Classes\Adobe.AdobeLightroom64\shell\open\command\(Default) = C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\Lightroom.exe "%L" [Adobe Systems]

MediaHub10BluRayOnArrival\
Provider = Nero MediaHub 10
InvokeProgID = OpenWithNeroMediaHub10
InvokeVerb = open
HKLM\SOFTWARE\Classes\OpenWithNeroMediaHub10\shell\open\command\(Default) = "E:\NERO\Nero MediaHub\MediaHub.exe" %L [null data]

MediaHub10CDAudioOnArrival\
Provider = Nero MediaHub 10
InvokeProgID = OpenWithNeroMediaHub10
InvokeVerb = open
HKLM\SOFTWARE\Classes\OpenWithNeroMediaHub10\shell\open\command\(Default) = "E:\NERO\Nero MediaHub\MediaHub.exe" %L [null data]

MediaHub10DVDMovieOnArrival\
Provider = Nero MediaHub 10
InvokeProgID = OpenWithNeroMediaHub10
InvokeVerb = open
HKLM\SOFTWARE\Classes\OpenWithNeroMediaHub10\shell\open\command\(Default) = "E:\NERO\Nero MediaHub\MediaHub.exe" %L [null data]

MediaHub10MediaFilesOnArrival\
Provider = Nero MediaHub 10
InvokeProgID = ImportWithNeroMediaHub10
InvokeVerb = open
HKLM\SOFTWARE\Classes\ImportWithNeroMediaHub10\shell\open\command\(Default) = "E:\NERO\Nero MediaHub\MediaHub.exe" /Import=%L [null data]

MediaHub10SVCDMovieOnArrival\
Provider = Nero MediaHub 10
InvokeProgID = OpenWithNeroMediaHub10
InvokeVerb = open
HKLM\SOFTWARE\Classes\OpenWithNeroMediaHub10\shell\open\command\(Default) = "E:\NERO\Nero MediaHub\MediaHub.exe" %L [null data]

MediaHub10VCDMovieOnArrival\
Provider = Nero MediaHub 10
InvokeProgID = OpenWithNeroMediaHub10
InvokeVerb = open
HKLM\SOFTWARE\Classes\OpenWithNeroMediaHub10\shell\open\command\(Default) = "E:\NERO\Nero MediaHub\MediaHub.exe" %L [null data]

MediaHub10WPDOnArrival\
Provider = Nero MediaHub 10
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;"E:\NERO\Nero MediaHub\MediaHub.exe" -Import %1 %2;
  -> {HKLM...CLSID} = WPDShextAutoplay
                   \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

MSPlayCDAudioOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.AudioCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS]

MSPlayDVDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.DVD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS]

MSPlaySuperVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSPlayVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSWMPBurnCDOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.BurnCD
InvokeVerb = Burn
HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS]

MXFotomakerBrowseOnArrival\
Provider = MAGIX Foto Manager 10 deluxe
InvokeProgID = Magix.Fotomaker.Brws
InvokeVerb = Brws
HKLM\SOFTWARE\Classes\Magix.Fotomaker.Brws\shell\Brws\command\(Default) = "C:\Program Files (x86)\MAGIX\Photo_Manager_10\Fotomanager_dlx.exe" /exp "%1" [MAGIX]

MXFotomakerBurningCDArrival\
Provider = MAGIX Foto Manager 10 deluxe
InvokeProgID = Magix.Fotomaker.Burn
InvokeVerb = Burn
HKLM\SOFTWARE\Classes\Magix.Fotomaker.Burn\shell\Burn\command\(Default) = "C:\Program Files (x86)\MAGIX\Photo_Manager_10\Fotomanager_dlx.exe" [MAGIX]

MXFotomakerHandleMTP\
Provider = MAGIX Foto Manager 10 deluxe
InvokeProgID = Magix.Fotomaker.
InvokeVerb = 
HKLM\SOFTWARE\Classes\Magix.Fotomaker.\shell\\command\(Default) = "C:\Program Files (x86)\MAGIX\Photo_Manager_10\Fotomanager_dlx.exe" [MAGIX]

MXFotomakerImportPicturesOnArrival\
Provider = MAGIX Foto Manager 10 deluxe
InvokeProgID = Magix.Fotomaker.ImportPic
InvokeVerb = ImportPic
HKLM\SOFTWARE\Classes\Magix.Fotomaker.ImportPic\shell\ImportPic\command\(Default) = "C:\Program Files (x86)\MAGIX\Photo_Manager_10\Fotomanager_dlx.exe" /k "%1" [MAGIX]

MXFotomakerPlayVideoOnArrival\
Provider = MAGIX Foto Manager 10 deluxe
InvokeProgID = Magix.Fotomaker.PlayV
InvokeVerb = PlayV
HKLM\SOFTWARE\Classes\Magix.Fotomaker.PlayV\shell\PlayV\command\(Default) = "C:\Program Files (x86)\MAGIX\Photo_Manager_10\Fotomanager_dlx.exe" /exp "%1" [MAGIX]

MXFotomakerShowPicturesOnArrival\
Provider = MAGIX Foto Manager 10 deluxe
InvokeProgID = Magix.Fotomaker.ShwPic
InvokeVerb = ShwPic
HKLM\SOFTWARE\Classes\Magix.Fotomaker.ShwPic\shell\ShwPic\command\(Default) = "C:\Program Files (x86)\MAGIX\Photo_Manager_10\Fotomanager_dlx.exe" /exp "%1" [MAGIX]

NeroBurningROM10CopyCD\
Provider = Nero Burning ROM 10
InvokeProgID = Nero.BurningROM.10.AutoPlay
InvokeVerb = CopyCD
HKLM\SOFTWARE\Classes\Nero.BurningROM.10.AutoPlay\shell\CopyCD\command\(Default) = E:\NERO\Nero Burning ROM\nero.exe -w /Dialog:DiscCopy [Nero AG]

NeroBurningROM10LaunchNBR\
Provider = Nero Burning ROM 10
InvokeProgID = Nero.BurningROM.10.AutoPlay
InvokeVerb = LanchNE
HKLM\SOFTWARE\Classes\Nero.BurningROM.10.AutoPlay\shell\LanchNE\command\(Default) = E:\NERO\Nero Burning ROM\nero.exe /Media:AUTO /Drive:%L [Nero AG]

NeroExpress10CopyCD\
Provider = Nero Express 10
InvokeProgID = Nero.Express.10.AutoPlay
InvokeVerb = CopyCD
HKLM\SOFTWARE\Classes\Nero.Express.10.AutoPlay\shell\CopyCD\command\(Default) = E:\NERO\Nero Express\NeroExpress.exe -w /Dialog:DiscCopy [Nero AG]

NeroExpress10LaunchNE\
Provider = Nero Express 10
InvokeProgID = Nero.Express.10.AutoPlay
InvokeVerb = LanchNE
HKLM\SOFTWARE\Classes\Nero.Express.10.AutoPlay\shell\LanchNE\command\(Default) = E:\NERO\Nero Express\NeroExpress.exe /Media:AUTO /Drive:%L [Nero AG]

NeroVision10VideoCapture\
Provider = Nero Vision 10
ProgID = Shell.HWEventHandlerShellExecute
InitCmdLine = "E:\NERO\Nero Vision\NeroVision.exe" /New:VideoCapture
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}
  -> {HKLM...CLSID} = Shell Execute Hardware Event Handler
                   \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS]

SonyCMUVideoFilesOnArrival\
Provider = Content Management Utility
InvokeProgID = SonyCMU.VideoFilesAutoPlay
InvokeVerb = launch
HKLM\SOFTWARE\Classes\SonyCMU.VideoFilesAutoPlay\shell\launch\command\(Default) = E:\Sony CMU\Applications\CMUBrowser.exe /a [Sony Corporation]

VLCPlayCDAudioOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.CDAudio
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "E:\VLC\vlc.exe" --started-from-file cdda:///%1 [VideoLAN]

VLCPlayDVDAudioOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "E:\VLC\vlc.exe" %1 [VideoLAN]

VLCPlayDVDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.DVDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "E:\VLC\vlc.exe" --started-from-file dvd:///%1 [VideoLAN]

VLCPlayMusicFilesOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "E:\VLC\vlc.exe" %1 [VideoLAN]

VLCPlaySVCDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.SVCDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "E:\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN]

VLCPlayVCDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.VCDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "E:\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN]

VLCPlayVideoFilesOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "E:\VLC\vlc.exe" %1 [VideoLAN]

WIA_{51BD566E-A02D-4387-9A82-D929EA8C20B0}\
Provider = MAGIX Photo Manager 10
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaClsid;{51BD566E-A02D-4387-9A82-D929EA8C20B0};
  -> {HKLM...CLSID} = WPDShextAutoplay
                   \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]


Startup items in "Alain" & "All Users" startup folders:
-------------------------------------------------------

C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++}
EOS Utility -> shortcut to: C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe /AutoStartUp [null data]


Non-disabled Scheduled Tasks: {++}
-----------------------------

C:\Windows\System32\Tasks
CCleanerSkipUAC ->  launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd]
GoogleUpdateTaskMachineCore ->  launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.]
GoogleUpdateTaskMachineUA ->  launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]
Norton WSC Integration -> (HIDDEN!) launches: "C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\WSCStub.exe" /taskschd [Symantec Corporation]
{01EFD430-EF5A-4513-9B35-68E92585CA86} ->  launches: E:\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [file not found]
{3C7EFDDC-705B-4997-A654-2B0A64F6E95D} ->  launches: C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "E:\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe" [MS]
{4814D3C7-FBC6-4AD3-88E7-1DB24BA7D0D3} ->  launches: C:\Windows\system32\pcalua.exe -a "G:\software\Utility-non upgrade\Utility\USB-driver\AllInOne\InstallShield\Setup.exe" -d "G:\software\Utility-non upgrade\Utility\USB-driver\AllInOne\InstallShield" [MS]
{7C410949-6C1C-4F5C-B3B0-21B5A2D9A94C} ->  launches: C:\Windows\system32\pcalua.exe -a H:\setup.exe -d H:\ [MS]

C:\Windows\System32\Tasks\Apple
AppleSoftwareUpdate ->  launches: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.]

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client
AD RMS Rights Policy Template Management (Manual) ->  launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}
  -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]
  -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience
AitAgent ->  launches: aitagent [MS]
Microsoft Compatibility Appraiser ->  launches: %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly [MS]
ProgramDataUpdater ->  launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Autochk
Proxy ->  launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
UninstallDeviceTask ->  launches: BthUdTask.exe $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
SystemTask ->  launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM...CLSID} = Certificate Services Client Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
  -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
UserTask ->  launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
  -> {HKLM...CLSID} = Certificate Services Client Task Handler
                   \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
  -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler
                         \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
Consolidator ->  launches: %SystemRoot%\System32\wsqmcons.exe [MS]
KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c}
  -> {HKLM...CLSID} = KernelCeipCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS]
UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8}
  -> {HKLM...CLSID} = UsbCeip
                   \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]
  -> {HKLM...Wow...CLSID} = UsbCeip
                         \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
ScheduledDefrag ->  launches: %windir%\system32\defrag.exe -c [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis
Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3}
  -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Location
Notifications ->  launches: %windir%\System32\LocationNotifications.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance
WinSAT ->  launches: {A9A33436-678B-4C9C-A211-7CC38785E79D}
  -> {HKLM...CLSID} = WinSAT Task Manger Task
                   \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]
  -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task
                         \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
ActivateWindowsSearch ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS]
ConfigureInternetTimeService ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS]
DispatchRecoveryTasks ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS]
ehDRMInit ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]
InstallPlayReady ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS]
mcupdate ->  launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS]
MediaCenterRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS]
ObjectStoreRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS]
OCURActivate ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]
OCURDiscovery ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS]
PBDADiscovery ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS]
PBDADiscoveryW1 ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS]
PBDADiscoveryW2 ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS]
PvrRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS]
PvrScheduleTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS]
RegisterSearch ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS]
ReindexSearchRoot ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS]
SqlLiteRecoveryTask ->  launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS]
UpdateRecordPath ->  launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic
CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
  -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]
DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
  -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC
HotStart ->  launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
  -> {HKLM...CLSID} = HotStart User Agent
                   \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
LPRemove ->  launches: %windir%\system32\lpremove.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
SystemSoundsService ->  launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}
  -> {HKLM...CLSID} = Microsoft PlaySoundService Class
                   \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]
  -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class
                         \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace
GatherNetworkInfo ->  launches: %windir%\system32\gatherNetworkInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Offline Files
Background Synchronization ->  launches: {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}
  -> {HKLM...CLSID} = Offline Files Background Synchronization Task Handler
                   \InProcServer32\(Default) = C:\Windows\System32\cscui.dll [MS]
Logon Synchronization ->  launches: {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8}
  -> {HKLM...CLSID} = Offline Files Background Synchronization Task Handler
                   \InProcServer32\(Default) = C:\Windows\System32\cscui.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics
AnalyzeSystem ->  launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6}
  -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler
                   \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]
  -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler
                         \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Ras
MobilityManager ->  launches: {c463a0fc-794f-4fdf-9201-01938ceacafa}
  -> {HKLM...CLSID} = RasMobilityManager
                   \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Registry
RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2}
  -> {HKLM...CLSID} = RegistryIdleBackupHandler
                   \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance
RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx
launchtrayprocess ->  launches: %windir%\system32\GWX\GWX.exe /tasklaunch [MS]
refreshgwxconfig ->  launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig [MS]
refreshgwxconfigandcontent ->  launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent [MS]
refreshgwxcontent ->  launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers
refreshgwxconfig-B ->  launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
GadgetManager ->  launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}
  -> {HKLM...CLSID} = GadgetsManager Class
                   \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore
SR ->  launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager
Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4}
  -> {HKLM...CLSID} = RunTask
                   \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]
  -> {HKLM...Wow...CLSID} = RunTask
                         \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
IpAddressConflict1 ->  launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]
IpAddressConflict2 ->  launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}
  -> {HKLM...CLSID} = MsCtfMonitor task handler
                   \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]
  -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler
                         \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization
SynchronizeTime ->  launches: %windir%\system32\sc.exe start w32time task_started [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
UPnPHostConfig ->  launches: sc.exe config upnphost start= auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}
  -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler
                   \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]
  -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler
                         \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies
ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS]
ValidationTaskDeadline -> (HIDDEN!) launches: %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
QueueReporting ->  launches: %windir%\system32\wermgr.exe -queuereporting [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform
BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing
UpdateLibrary ->  launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup
ConfigNotification ->  launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Wininet
CacheTask ->  launches: {0358b920-0ac7-461f-98f4-58e32cd89148}
  -> {HKLM...CLSID} = Wininet Cache task object
                   \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS]
  -> {HKLM...Wow...CLSID} = Wininet Cache task object
                         \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS]

C:\Windows\System32\Tasks\Norton Security
Norton Error Analyzer ->  launches: C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\SymErr.exe /analyze [Symantec Corporation]
Norton Error Processor ->  launches: C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\SymErr.exe /submit [Symantec Corporation]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]
000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]
000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++}
000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]
000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]
000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 10

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 10


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
  -> {HKLM...CLSID} = Norton Toolbar
                   \InProcServer32\(Default) = C:\Program Files (x86)\Norton Security\Engine64\22.2.0.31\coIEPlg.dll [Symantec Corporation]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} = Norton Toolbar
  -> {HKLM...CLSID} = Norton Toolbar
                   \InProcServer32\(Default) = C:\Program Files (x86)\Norton Security\Engine64\22.2.0.31\coIEPlg.dll [Symantec Corporation]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} = (no title provided)
  -> {HKLM...CLSID} = Adobe Acrobat Create PDF Toolbar
                   \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [Adobe Systems Incorporated]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} = Norton Toolbar
  -> {HKLM...Wow...CLSID} = Norton Toolbar
                         \InProcServer32\(Default) = C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\coIEPlg.dll [Symantec Corporation]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} = (no title provided)
  -> {HKLM...Wow...CLSID} = Adobe Acrobat Create PDF Toolbar
                         \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [Adobe Systems Incorporated]

Explorer Bars

HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\

{28BCCB9A-E66B-463C-82A4-09F320DE94D7}\(Default) = (no title provided)
  -> {HKLM...CLSID} = F12 Developer Tools
                   \InProcServer32\(Default) = C:\Program Files\Internet Explorer\F12Tools.dll [MS]

HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
ButtonText = Research
BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
  -> {HKLM...Wow...CLSID} = &Onderzoeken
                         \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [MS]


Miscellaneous IE Hijack Points
------------------------------

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\
<<H>> InPrivate = res://ieframe.dll/inprivate_win7.htm [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated]
AVG Thema-uitbreiding, UxTuneUp, C:\Windows\System32\svchost.exe -k netsvcs {C:\Windows\System32\uxtuneup.dll [AVG Technologies]}
Cron Service, CronService, E:\Prey\wpxsvc.exe [Fork, Ltd.]
Diagnostics Tracking Service, DiagTrack, C:\Windows\System32\svchost.exe -k utcsvc {C:\Windows\system32\diagtrack.dll [MS]}
FABS - Helping agent for MAGIX media database, Fabs, C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe /DisableUI [MAGIX© AG]
LightScribeService Direct Disc Labeling Service, LightScribeService, "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" [Hewlett-Packard Company]
MBAMScheduler, MBAMScheduler, "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" [Malwarebytes Corporation]
MBAMService, MBAMService, "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" [Malwarebytes Corporation]
Nero Update, NAUpdate, "C:\Program Files (x86)\Nero\Update\NASvc.exe" [Nero AG]
NetLimiter 3 Service, nlsvc, "E:\Netlimiter PRO\nlsvc.exe" [Locktime Software]
Norton Security, NS, "C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\NS.exe" /s "NS" /m "C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\diMaster.dll" /prefetch:1 [Symantec Corporation]
NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation]
NVIDIA Stereoscopic 3D Driver Service, Stereo Service, "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [NVIDIA Corporation]
SAMSUNG Mobile Connectivity Service, ss_conn_service, "E:\USB Drivers\25_escape\conn\ss_conn_service.exe" [DEVGURU Co., LTD.]
Sentinel LDK License Manager, hasplms, C:\Windows\system32\hasplms.exe -run [SafeNet Inc.]
Update service, Update service, C:\Program Files (x86)\Popcorn Time\Updater.exe [Company]


Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> PEVSystemStart, Service

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> PEVSystemStart, Service


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
Adobe PDF Port Monitor\Driver = AdobePDF.dll [Adobe Systems Inc]
Canon BJ Language Monitor MG5400 series\Driver = CNMLMBB.DLL [CANON INC.]


<<H>>: Suspicious data at a browser hijack point.


==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=292 folders=271 552988758 bytes)

==== Empty Temp Folders ======================

C:\Users\Alain\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Alain\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 16/07/2015 at 10:27:47,49 ======================