Zoek.exe v5.0.0.0 Updated 24-12-2014 Tool run by Gebruiker on zo 28/12/2014 at 20:17:23,01. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: D:\Users\Gebruiker\Documents\Downloads\zoek (2).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-12-28-182410.log 223693 bytes ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\hasplms.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Hotkey\PowerBiosServer.exe C:\Windows\System32\igfxtray.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\ChiconyCam\CECAPLF.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files\CCleaner\CCleaner64.exe C:\Program Files (x86)\Hotkey\Hotkey.exe C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Motorola\Bluetooth\obexsrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Motorola\Bluetooth\audiosrv.exe C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE D:\Users\Gebruiker\Documents\Downloads\zoek (2).exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe ==== Windows Installer Info ====================== Adobe Reader XI (11.0.09) - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B744BA0000000010]C:\Windows\Installer\3e51a1.msi Advertising Center [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\83a4ce2b545b00a4284131efe019e5d6]C:\Windows\Installer\a87eb7f.msi Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7810FB462D3FB89499AE61A39FEAE69C]C:\windows\Installer\1ee5ff.msi Cisco LEAP Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\70DA7C156F3C5364E8A83231608D01EF]C:\windows\Installer\1ee609.msi Cisco PEAP Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D6775DE4B957B64FA18F5D2497D6C04]C:\windows\Installer\1ee604.msi D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\windows\Installer\13df24.msi Galerie de photos Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7430F8847A4C4734197A0318B8DE7A01]C:\windows\Installer\13e06e.msi Google Drive [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6383F06CA3332EA45B62FCBD1A349AAB]C:\Windows\Installer\c1573.msi Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\18555481990E8AB4CBB63FB4F26006C0]C:\Windows\Installer\f6029d.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\21dcbf.msi Hotkey 3.3017 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6B417461CB649464A9036ADE230FB3A5]C:\windows\Installer\90d07.msi Java 7 Update 67 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF230120776FF]C:\Windows\Installer\59e19f.msi Java 8 Update 25 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208520F]C:\Windows\Installer\4f5a55.msi Junk Mail filter update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E]C:\windows\Installer\13dfc3.msi LEGO MINDSTORMS Education EV3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7EF9656DFFBB4994A92E53BB300EEBBC]C:\Windows\Installer\8915ee.msi LEGO MINDSTORMS Education EV3 Content [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A06FBBE7FD09D4B4388AEC2B8C99122A]C:\Windows\Installer\8915c8.msi LEGO MINDSTORMS Education EV3 Nederlandse ondersteuning [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E8ABDAEE02146634BAF20B1875E58892]C:\Windows\Installer\8915ce.msi LEGO MINDSTORMS Education EV3 Teacher Mode [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DA68B025C146CFC4F9CA4B266744A4D2]C:\Windows\Installer\8915d5.msi LEGO MINDSTORMS EV3 Uninstaller [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9B2903F5042473042A78FBF6A99269CB]C:\Windows\Installer\8915af.msi LEGO MINDSTORMS NXT x64 Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\82C1380AAF6A3A9468EA5BEAC3E91EC9]C:\Windows\Installer\8915f6.msi MEDION GoPal Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\15DC8C6A4EA1D474ABD221C5BDAEDD30]C:\Windows\Installer\1feda51.msi Mesh Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6116D6C8427B0184F8D20D746E7B6DE8]C:\windows\Installer\13e0c1.msi Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE4EBED704B66673BB53C5BB3C58AD73]C:\Windows\Installer\6809d.msi Microsoft Antimalware Service NL-NL Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8F0CDE8FCB51114478267701C5A8EACE]C:\Windows\Installer\53195.msi Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\windows\Installer\13dea3.msi Microsoft Groove MUI (Dutch) 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109AB0031400000000000F01FEC]C:\Windows\Installer\9294fc.msi Microsoft Office 64-bit Components 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109A20000000100000000F01FEC]C:\Windows\Installer\929499.msi Microsoft Office Access MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109510031400000000000F01FEC]C:\Windows\Installer\3acf1.msi Microsoft Office Excel MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109610031400000000000F01FEC]C:\Windows\Installer\3acb8.msi Microsoft Office Groove MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109AB0031400000000000F01FEC]C:\Windows\Installer\3acbe.msi Microsoft Office InfoPath MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109440031400000000000F01FEC]C:\Windows\Installer\3acfd.msi Microsoft Office Korrekturhilfen 2013 - Deutsch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F10070400000000000F01FEC]C:\Windows\Installer\9294e4.msi Microsoft Office Office 64-bit Components 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A20000000100000000F01FEC]C:\Windows\Installer\3ad12.msi Microsoft Office OneNote MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000041091A0031400000000000F01FEC]C:\Windows\Installer\3acf7.msi Microsoft Office Outlook MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A10031400000000000F01FEC]C:\Windows\Installer\3accb.msi Microsoft Office PowerPoint MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109810031400000000000F01FEC]C:\Windows\Installer\3acb1.msi Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004119110000000000000000F01FEC]C:\Windows\Installer\3ad1b.msi Microsoft Office Proof (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10031400000000000F01FEC]C:\Windows\Installer\3acd1.msi Microsoft Office Proof (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400000000000F01FEC]C:\Windows\Installer\3ace3.msi Microsoft Office Proof (French) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400000000000F01FEC]C:\Windows\Installer\3acdd.msi Microsoft Office Proof (German) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10070400000000000F01FEC]C:\Windows\Installer\3acd7.msi Microsoft Office Proofing (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109C20031400000000000F01FEC]C:\Windows\Installer\3ace9.msi Microsoft Office Proofing (Dutch) 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C20031400000000000F01FEC]C:\Windows\Installer\9294f6.msi Microsoft Office Proofing Tools 2013 - English [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F10090400000000000F01FEC]C:\Windows\Installer\9294f0.msi Microsoft Office Proofing Tools 2013 - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F10031400000000000F01FEC]C:\Windows\Installer\9294de.msi Microsoft Office Publisher MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109910031400000000000F01FEC]C:\Windows\Installer\3ad04.msi Microsoft Office Shared 64-bit MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A20031400100000000F01FEC]C:\Windows\Installer\3acc4.msi Microsoft Office Shared 64-bit MUI (Dutch) 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109A20031400100000000F01FEC]C:\Windows\Installer\929479.msi Microsoft Office Shared MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60031400000000000F01FEC]C:\Windows\Installer\3acab.msi Microsoft Office Shared MUI (Dutch) 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109E60031400000000000F01FEC]C:\Windows\Installer\9294d8.msi Microsoft Office Word MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109B10031400000000000F01FEC]C:\Windows\Installer\3ad0b.msi Microsoft OneDrive for Business 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005119AB0000000000000000F01FEC]C:\Windows\Installer\92952a.msi Microsoft Security Client NL-NL Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FDA119CD06B72F041A21BFE16B04D270]C:\Windows\Installer\53186.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]C:\Windows\Installer\561ff.msi Microsoft Silverlight 5.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5800DCB3874B3B843832778EDB940326]C:\Windows\Installer\891602.msi Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\windows\Installer\13e02b.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\50a3a.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]C:\Windows\Installer\adcd0d.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]C:\Windows\Installer\24e2d1.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\1feda4b.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\adcd07.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\24e2d8.msi Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]C:\Windows\Installer\9a098.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\975d1.msi MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\windows\Installer\13ded4.msi MSVCRT_amd64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\52744B0D6663D294EB6F85A741DBB99D]C:\windows\Installer\13dfc7.msi MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]C:\Windows\Installer\1f9904d.msi MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]C:\Windows\Installer\1f99054.msi Nero ControlCenter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ad0ac5dbda17ad341be9e6eec0a9cda9]C:\Windows\Installer\a87eb8b.msi Nero Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\33408a8eb2031ff418d5cf8cae4c28ff]C:\Windows\Installer\a87eb9d.msi Nero Online Upgrade [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\69748abd30580ff4fa757174dda961d6]C:\Windows\Installer\a87eb91.msi Nero StartSmart [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c8ca84773e81bb3459b980f8ea1af62b]C:\Windows\Installer\a87eb85.msi Nero StartSmart OEM [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\536D34D4ADF65af4AAB932FC370D85AE]C:\Windows\Installer\a87eb97.msi neroxml [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB940C659E972054EB7A79453A6EF0B9]C:\Windows\Installer\a87eb73.msi NI .NET Framework 4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C6F11A3A375EC1D49A4D07D1571545B4]C:\Windows\Installer\8915c1.msi NI EulaDepot [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DADE47E11EE1E0242A390C0F03BB709E]C:\Windows\Installer\8915db.msi NI MDF Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\59D75F02E3300454EB99C81C7949F5AE]C:\Windows\Installer\8915fc.msi NI Security Update (KB 67L8LCQW) (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E9D87A4943DACC42959541BB25ECBC6]C:\Windows\Installer\8915e7.msi NI Security Update (KB 67L8LCQW) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\12E42102B602F58438F841BB88610154]C:\Windows\Installer\8915e1.msi NI Uninstaller [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F236F207E08EDCF489BB62D1C33D2C5C]C:\Windows\Installer\8915a9.msi NI VC2008MSMs x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49E00E7087A7AF04B9FE171C099E0814]C:\Windows\Installer\8915b5.msi NI VC2008MSMs x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A79948EF6D4B0C46BD08FB563D06266]C:\Windows\Installer\8915bb.msi NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EBF2823CF538D8489AC11A5E51F9F4B]C:\Windows\Installer\1244e5.msi Office 15 Click-to-Run Extensibility Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80000000000000000F01FEC]C:\Windows\Installer\154452.msi Office 15 Click-to-Run Licensing Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F80000000100000000F01FEC]C:\Windows\Installer\154468.msi Office 15 Click-to-Run Localization Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80031400000000000F01FEC]C:\Windows\Installer\154497.msi Outils de v‚rification linguistique 2013 de Microsoft Office˙- Fran‡ais [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F100C0400000000000F01FEC]C:\Windows\Installer\9294ea.msi PDFill PDF Editor with FREE Writer and FREE Tools [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6129931D2B18C7540A7F379B2AFE9620]C:\Windows\Installer\2e11ef.msi Renesas Electronics USB 3.0 Host Controller Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8BAD244577171E94B822900A94AE9569]C:\windows\Installer\90d0c.msi SketchUp 2015 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\24CF036C691ED6B41BB2C48B5D3F997D]C:\Windows\Installer\10c0aa.msi Solid Edge ST4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\610B20ED690EF734D86958B33B06115D]C:\Windows\Installer\14ca982.msi swMSM [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C43C21609E58D74B9C5F017D78D7262]C:\Windows\Installer\3ea3b4.msi Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F1F913432FC79CC43B75A17E2DFFA35C]C:\windows\Installer\13df65.msi Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\windows\Installer\13dee5.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\032440EF5AC97F34B985A55C2AA8F133]C:\windows\Installer\13df94.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B53C70A248384AD4A95944B2C6980A37]C:\windows\Installer\13e122.msi Windows Live Family Safety [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6658C22B225D04B47AFA25F5A5078D23]C:\windows\Installer\13e190.msi Windows Live Family Safety [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EBF5A643BDA39441ACC4BFCDF422DA6]C:\windows\Installer\13dec8.msi Windows Live Family Safety [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B3A3FAA123B7FDD4A8BB34D8EA4BE6CE]C:\windows\Installer\13e11a.msi Windows Live Family Safety [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DB0EB4EFBDE142D4694148B7C3748278]C:\windows\Installer\13e116.msi Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26ABA8B10F47DE741BC84A13825E198B]C:\windows\Installer\13de9b.msi Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\windows\Installer\13df0c.msi Windows Live Language Selector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5E16A70DC95AC334CBDB2220F52A82B7]C:\windows\Installer\13dea7.msi Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E42866C3BBC1584BBF38EFC6D539032]C:\windows\Installer\13e021.msi Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A563885D93EA72F4DBEA4B7EC2E809C0]C:\windows\Installer\13e15a.msi Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A57765D93F393A44082948E08362ED03]C:\windows\Installer\13dfcb.msi Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D8E6EAF9686E5F945A47A085FD9D85C0]C:\windows\Installer\13e00e.msi Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C55EC23CAB21159478799076DFFE55F6]C:\windows\Installer\13e188.msi Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A3414F312C911046897B31C10C48668]C:\windows\Installer\13e18c.msi Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4BF1F1488FDFC1644A69E3C1DF480C5B]C:\windows\Installer\13e10a.msi Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\88119C0AF88C68E4396EDCC7A9626694]C:\windows\Installer\13e112.msi Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7BCDCEDCC85568419FA26F77989EF84]C:\windows\Installer\13e102.msi Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\389F20921C4BAB448BD5C5D6252E4C14]C:\windows\Installer\13e10e.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\55565908215A0914C9DA0B003CD6B6B6]C:\windows\Installer\13dfb4.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\624365A647436C148B74243BF941582B]C:\windows\Installer\13e142.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\884FD4BEFEAAF6043A14BCA2AA13B509]C:\windows\Installer\13df49.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C12E75069EBA9504EAE3B3BE99526E06]C:\windows\Installer\13df81.msi Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E08F45ADC1622A148A5545A941F4F295]C:\windows\Installer\13deab.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4314AE291D01A814191EA5403531A183]C:\windows\Installer\13e060.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5DB8CED64757AF740B0894B2BB2EEF3A]C:\windows\Installer\13e07e.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7F80AB91827CC964A853FBDB6333EB80]C:\windows\Installer\13e098.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9D4227BCACD61F34F838B6E1930AF029]C:\windows\Installer\13e174.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0C8D398C0AB171541BC18EB9567EF207]C:\windows\Installer\13df72.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D262DB9887B64540A5A4F5FE63C38B4]C:\windows\Installer\13e12e.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\775F634D5961F2D4B844CA679CE90020]C:\windows\Installer\13dfa0.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6ACDB9A3563B764CA384963D73AFB3E]C:\windows\Installer\13df28.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0FB3B06AB459FA248B8DC2D1436B31AA]C:\windows\Installer\13e164.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A9D4F432C248434EB4F5E358C54947E]C:\windows\Installer\13e088.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\766F6333940964D4896BC447E3BE5C1B]C:\windows\Installer\13e02f.msi Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B292C385A83B0447A137070E0186AF4]C:\windows\Installer\13def5.msi Windows Live Remote Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A889D6FD0AEE7724AA8B51E880E634B9]C:\windows\Installer\13deb4.msi Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\15150F9C9A59B9B45B4371062E0D415A]C:\windows\Installer\13decc.msi Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2350B7483E55FAA4D8B73E1A7ADC715E]C:\windows\Installer\13dec0.msi Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\83AF057B0BA7BC24CABB7EBD9EFF06F3]C:\windows\Installer\13deb8.msi Windows Live Remote Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8456A20EEDF62E04E89D11D9D7E746F1]C:\windows\Installer\13de9f.msi Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BF4DC2E5835413841867506D353C6E4D]C:\windows\Installer\13debc.msi Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3CDFBC612FC20C46ACD5A2A07F7FA55]C:\windows\Installer\13ded0.msi Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EDEED656CA6FAC745A861A4B3EB47506]C:\windows\Installer\13dec4.msi Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\windows\Installer\13dedc.msi Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\windows\Installer\13ded8.msi Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\windows\Installer\13def9.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A4869755DDD3AC4E98AB77E9D95D34B]C:\windows\Installer\13df90.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9FC52F6D78E4BE343B421CB29EDC6D86]C:\windows\Installer\13e11e.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CC973E50626FD7E438456483563B30FB]C:\windows\Installer\13df61.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\076CFAAAB965F2A4284B2449E5D03EFE]C:\windows\Installer\13dfe6.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\329710E78F6123E449FEA051B01D69EF]C:\windows\Installer\13e17e.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\60EA627A3AAA1D34783E075F0113F440]C:\windows\Installer\13e0a2.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AD29A9B3473627846B6452F38126D4F5]C:\windows\Installer\13e0af.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CF454FAAAC2892F4BA13A60149587EE6]C:\windows\Installer\13e0b8.msi Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\11B786265B8581A4B93CD94FEC301F49]C:\windows\Installer\13e004.msi Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B144B41D477071489AE1A6376EA2681]C:\windows\Installer\13e151.msi Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EEDB8CDDCACDD4042875E3D8B4874276]C:\windows\Installer\13e018.msi Windows Mobile Apparaatcentrum [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC276626FCFB9A94EAEFBAF0DEB3CFB5]C:\Windows\Installer\1feda5b.msi Windows Mobile Device Center Driver Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\63ACBD2914B91DD449A1EA1D94DD730F]C:\Windows\Installer\1feda45.msi WinZip 14.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\166F59DC4C5A5F446AAACEDD192C04CB]C:\Windows\Installer\34143f.msi ==== Empty Folders Check ====================== C:\Users\Administrator\AppData\Local\Comodo deleted successfully C:\Users\Administrator\AppData\Local\Google deleted successfully C:\Users\Gast\AppData\Local\Comodo deleted successfully C:\Users\Gast\AppData\Local\Google deleted successfully C:\Users\Gebruiker\AppData\Local\Comodo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully ==== Checking Systemdrive for Symlinks ====================== Het volume in station C heeft geen naam. Het volumenummer is 3CDB-3BF8 Map van C:\ 14/07/2009 06:08 Documents and Settings [C:\Users] 0 bestand(en) 0 bytes Map van C:\Program Files\Windows NT 03/11/2011 15:32 Bureau-accessoires [C:\Program Files\Windows NT\Accessories] 0 bestand(en) 0 bytes Map van C:\ProgramData 14/07/2009 06:08 Application Data [C:\ProgramData] 03/11/2011 15:32 Bureaublad [C:\Users\Public\Desktop] 14/07/2009 06:08 Desktop [C:\Users\Public\Desktop] 03/11/2011 15:32 Documenten [C:\Users\Public\Documents] 14/07/2009 06:08 Documents [C:\Users\Public\Documents] 03/11/2011 15:32 Favorieten [C:\Users\Public\Favorites] 14/07/2009 06:08 Favorites [C:\Users\Public\Favorites] 03/11/2011 15:32 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 03/11/2011 15:32 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 14/07/2009 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\ProgramData\Microsoft\Windows\Start Menu 03/11/2011 15:32 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\ProgramData\Oracle\Java\javapath 05/12/2014 10:47 java.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe] 05/12/2014 10:47 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe] 05/12/2014 10:47 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe] 3 bestand(en) 0 bytes Map van C:\Users\TEMP 28/12/2014 19:24 Application Data [C:\Users\TEMP\AppData\Roaming] 28/12/2014 19:24 Cookies [C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Cookies] 28/12/2014 19:24 Local Settings [C:\Users\TEMP\AppData\Local] 28/12/2014 19:24 Menu Start [C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu] 28/12/2014 19:24 Mijn documenten [C:\Users\TEMP\Documents] 28/12/2014 19:24 NetHood [C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 28/12/2014 19:24 Netwerkprinteromgeving [C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 28/12/2014 19:24 Recent [C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Recent] 28/12/2014 19:24 SendTo [C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\SendTo] 28/12/2014 19:24 Sjablonen [C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\TEMP\AppData\Local 28/12/2014 19:24 Application Data [C:\Users\TEMP\AppData\Local] 28/12/2014 19:24 Geschiedenis [C:\Users\TEMP\AppData\Local\Microsoft\Windows\History] 28/12/2014 19:24 Temporary Internet Files [C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu 28/12/2014 19:24 Programma's [C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\TEMP\Documents 28/12/2014 19:24 Mijn afbeeldingen [C:\Users\TEMP\Pictures] 28/12/2014 19:24 Mijn muziek [C:\Users\TEMP\Music] 28/12/2014 19:24 Mijn video's [C:\Users\TEMP\Videos] 0 bestand(en) 0 bytes Totaal aantal weergegeven bestanden: 3 bestand(en) 0 bytes 31 map(pen) 10.293.841.920 bytes beschikbaar ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1342460353-3148159610-2009843920-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 15 ActiveX Adobe Reader XI (11.0.09) - Nederlands Adobe Shockwave Player 11.6 Advertising Center Auslogics Disk Defrag Avast Free Antivirus BisonCam CCleaner ChiconyCam Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CSWisAdmin 4.13.0 CutePDF Writer 2.7 D3DX10 DeepBurner v1.9.0.228 DefaultTab Chrome Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition Definition Update for Microsoft Office 2013 (KB2899506) 32-Bit Edition Dropbox EPSON Scan EPSON SX420W Series Printer Uninstall EpsonNet Print EpsonNet Setup 3.3 FormatFactory 3.5.0.0 Galerie de photos Windows Live Google Drive Google Toolbar for Internet Explorer Google Update Helper Hotkey 3.3017 Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Java 7 Update 67 Java 8 Update 25 Java Auto Updater JMicron Ethernet Adapter NDIS Driver JMicron Flash Media Controller Driver Junk Mail filter update K-Lite Codec Pack 4.9.5 (Full) LEGO MINDSTORMS Education EV3 LEGO MINDSTORMS Education EV3 Content LEGO MINDSTORMS Education EV3 Nederlandse ondersteuning LEGO MINDSTORMS Education EV3 Teacher Mode LEGO MINDSTORMS EV3 LEGO MINDSTORMS EV3 Uninstaller LEGO MINDSTORMS NXT x64 Driver MEDION GoPal Assistant Medion GoPal Assistant 4.03.006 Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Groove MUI (Dutch) 2013 Microsoft Office 365 ProPlus - nl-nl Microsoft Office 64-bit Components 2013 Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2013 Microsoft Office Word MUI (Dutch) 2010 Microsoft OneDrive for Business 2013 Microsoft Security Client NL-NL Language Pack Microsoft Silverlight Microsoft Silverlight 5.1 Microsoft SkyDrive Pro 2013 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Motorola Bluetooth MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) National Instruments Software Nero ControlCenter Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart OEM neroxml NI .NET Framework 4 NI EulaDepot NI MDF Support NI Security Update (KB 67L8LCQW) NI Security Update (KB 67L8LCQW) (64-bit) NI Uninstaller NI VC2008MSMs x64 NI VC2008MSMs x86 NVIDIA-configuratiescherm 320.49 NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision controllerstuurprogramma 320.49 NVIDIA GeForce Experience 1.5 NVIDIA Grafisch stuurprogramma 320.49 NVIDIA Install Application NVIDIA Optimus 4.11.9 NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.13.0604 NVIDIA Update 4.11.9 NVIDIA Update Components Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Outils de v‚rification linguistique 2013 de Microsoft Office˙- Fran‡ais PDFill PDF Editor with FREE Writer and FREE Tools Realtek High Definition Audio Driver REALTEK Wireless LAN Driver Renesas Electronics USB 3.0 Host Controller Driver Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2013 (KB2880502) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SketchUp 2015 Solid Edge ST4 swMSM Synaptics Pointing Device Driver THX TruStudio Pro Total Commander (Remove or Repair) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition Update for Microsoft Excel 2013 (KB2899509) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Lync 2013 (KB2899507) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition Update for Microsoft Office 2013 (KB2837654) 32-Bit Edition Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition Update for Microsoft Office 2013 (KB2881001) 32-Bit Edition Update for Microsoft Office 2013 (KB2881008) 32-Bit Edition Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition Update for Microsoft Office 2013 (KB2881039) 32-Bit Edition Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition Update for Microsoft Office 2013 (KB2889857) 32-Bit Edition Update for Microsoft Office 2013 (KB2889940) 32-Bit Edition Update for Microsoft Office 2013 (KB2899493) 32-Bit Edition Update for Microsoft Office 2013 (KB2899510) 32-Bit Edition Update for Microsoft OneDrive for Business (KB2899513) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft OneNote 2013 (KB2883059) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft Outlook 2013 (KB2899504) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition VLC media player 2.1.1 WebCam Installer Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Apparaatcentrum Windows Mobile Device Center Driver Update WinPcap 4.1.1 WinZip 14.0 YTD Video Downloader 4.7.4 ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftonicAssistant] ==== Deleting Files \ Folders ====================== C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\defaulttab not found C:\Program Files (x86)\0ca45c95134d not found C:\Program Files (x86)\AnyProtectEx not found C:\Users\Gebruiker\AppData\Local\SoftonicAssistant not found C:\ProgramData\1078601655 not found C:\Program Files (x86)\ORBTR not found C:\Program Files (x86)\SearchProtect not found C:\ProgramData\ab48ebd13bce1ce4 not found C:\Program Files (x86)\PriceLess not found C:\Users\Gebruiker\AppData\Roaming\smileyswelove not found C:\ProgramData\IePluginServices not found C:\ProgramData\WindowsMangerProtect not found C:\Program Files (x86)\SupTab not found C:\Users\Gebruiker\AppData\Roaming\webssearches not found C:\Users\Gebruiker\AppData\Roaming\AnyProtectEx not found C:\ProgramData\Registry Helper not found C:\Program Files (x86)\ShopSave Toolbar not found C:\Program Files (x86)\Universal Updater not found "C:\Windows\tasks\APSnotifierPP1.job " not found "C:\Windows\tasks\APSnotifierPP2.job" not found "C:\Windows\tasks\APSnotifierPP3.job" not found C:\Program Files (x86)\SU1MzMmJiNjlkMw deleted C:\Program Files\CouponMonkey deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4011 MB CPU Info: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz CPU Speed: 2213,4 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | JMicron PCI Express Gigabit Ethernet Adapter | Realtek RTL8188CE Wireless LAN 802.11n COMBO PCI-E NIC CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8B0 Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 97,7GB | D: 367,9GB Hard Disks - Free: C: 9,3GB | D: 88,5GB Manufacturer *: Phoenix Technologies Ltd. BIOS Info: AT/AT COMPATIBLE | 04/01/11 | MSTEST - 2 Time Zone: Romance (standaardtijd) Motherboard *: CLEVO CO. W150HNM/W170HN Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Internet Explorer Version: 11.0.9600.17420 Adobe Reader version: 11.0.9.29 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Shockwave Player version: 11.6.5r635 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-12-28 17:13:09 B59EF013D567E5746F1DEE2565F747ED 43152 ----a-w- C:\Windows\avastSS.scr ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== 2014-12-28 19:01:38 E2BAF00967934696C4AA063ECA56B6B8 166792 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\psmachine.dll 2014-12-28 19:01:38 D2377C9458EFEB094E38B8C874AA214C 604040 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\npGoogleUpdate3.dll 2014-12-28 19:01:38 665975CF6E511115B931B2E6BB27BA40 189320 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\psuser_64.dll 2014-12-28 19:01:38 41448ABDE73D0FF1898DC6ED7700A66A 189320 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\psmachine_64.dll 2014-12-28 19:01:38 3579D443DF2FC0A9692334B6380FE276 166792 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\psuser.dll 2014-12-28 19:01:37 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdate.exe 2014-12-28 19:01:37 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateComRegisterShell64.exe 2014-12-28 19:01:37 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleCrashHandler.exe 2014-12-28 19:01:37 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateSetup.exe 2014-12-28 19:01:37 72888A4512084F0DF9B4D02EA508679F 26112 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateHelper.msi 2014-12-28 19:01:37 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleCrashHandler64.exe 2014-12-28 19:01:37 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateOnDemand.exe 2014-12-28 19:01:37 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateBroker.exe 2014-12-28 19:01:37 0562DF97934FC271893BD916A0262E6D 1689480 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\goopdate.dll 2014-12-28 18:25:56 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuhh4xu.dll 2014-12-28 18:25:56 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqxf9az.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-12-28 17:13:13 6663B30328C239D2AB10D2583054CF2E 364512 ----a-w- C:\Windows\Sysnative\aswBoot.exe 2014-12-28 12:25:54 25FB5BB03F20911C5B79B9BC073DC42A 52664 ----a-w- C:\Windows\Sysnative\.crusader ====== C:\Windows\Sysnative\drivers ===== 2014-12-28 17:13:18 B1881A01E301990B671694CA1623F1B6 436624 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys 2014-12-28 17:13:18 7509F07BA6F84C1E3B2C0D78A1F6F782 116728 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys 2014-12-28 17:13:18 1A5BDDE65B648DC3AD48B6ECAA3AE9C8 267632 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2014-12-28 17:13:17 9BE9F2B83DE80E2752B1405CC427E2EC 29208 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys 2014-12-28 17:13:17 4750016EF9CC1DEC6DA3FE5AF9A7F095 93568 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys 2014-12-28 17:13:17 2DA1C1AEDF454F8E32A863A1AEACDD8C 83280 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys 2014-12-28 17:13:17 1323269A92645705DEFA053F3596829D 65776 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2014-12-28 17:13:16 E74FD717476B30E23F45354B8F3ACB30 1050432 ----a-w- C:\Windows\Sysnative\drivers\aswsnx.sys 2014-12-28 12:28:24 545EE654B04D52AF2E7F5F393D1F7D75 43664 ----a-w- C:\Windows\Sysnative\drivers\hitmanpro37.sys ====== C:\Windows\Tasks ====== 2014-12-28 17:14:24 8D9D78AC9CFDA411EB3950E0E24BC142 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update 2014-11-30 15:20:21 DBB96262434BBF5B2D93F3ED336F8A53 3680 ----a-w- C:\Windows\Sysnative\Tasks\DefaultCheck 2014-11-30 15:20:20 017CDCD3909E95C03169FC5DDC8C5E2D 3680 ----a-w- C:\Windows\Sysnative\Tasks\DefaultReg ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-28 12:01:00 -------- d-----w- C:\Program Files\trend micro 2014-12-09 12:20:40 -------- d-----w- C:\Program Files\A51D1C17-72CD-45BA-8C9E-E3FCA95DEAC8 2014-12-06 11:01:54 -------- d-----w- C:\Program Files\Microsoft Office 15 ======= C:\PROGRA~2 ===== 2014-12-28 10:46:13 -------- d-----w- C:\PROGRA~2\Adobe 2014-12-10 09:01:25 -------- d-----w- C:\PROGRA~2\WinZip 2014-12-09 10:10:15 -------- d-----w- C:\PROGRA~2\GU Player ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-12-28 18:24:33 -------- d-s---w- C:\Users\TEMP\AppData\Roaming\Microsoft 2014-12-28 18:24:33 -------- d-----w- C:\Users\TEMP\AppData\Roaming\Media Center Programs 2014-12-28 18:24:33 -------- d-----w- C:\Users\TEMP\AppData\Local\Temp 2014-12-28 18:24:33 -------- d-----w- C:\Users\TEMP\AppData\Local\Microsoft Help 2014-12-28 18:24:33 -------- d-----w- C:\Users\TEMP\AppData\Local\Microsoft 2014-12-28 18:24:33 -------- d-----w- C:\Users\TEMP\AppData\Local\Google 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-28 18:22:46 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-12-28 18:22:46 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-12-28 18:22:46 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-12-28 18:22:45 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Temp 2014-12-26 11:05:06 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2014-12-10 09:02:29 -------- d-----w- C:\Users\Gebruiker\AppData\Local\WinZip 2014-12-09 10:10:23 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player 2014-12-03 14:45:30 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory ====== C:\Users\Gebruiker ====== 2014-12-28 18:24:34 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\TEMP\ntuser.ini 2014-12-28 18:24:33 -------- d--h--w- C:\Users\TEMP\AppData 2014-12-28 18:24:33 -------- d-----w- C:\Users\TEMP\Saved Games 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\Videos 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\Pictures 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\Music 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\Links 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\Favorites 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\Downloads 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\Documents 2014-12-28 18:24:33 -------- d-----r- C:\Users\TEMP\Desktop 2014-12-28 12:04:49 -------- d-----w- C:\ProgramData\HitmanPro 2014-12-26 11:04:40 -------- d-----w- C:\Users\HomeGroupUser$\AppData 2014-12-26 11:04:40 -------- d-----w- C:\Users\Gast\AppData 2014-12-26 11:04:40 -------- d-----w- C:\Users\Administrator\AppData 2014-12-10 09:41:48 67C2CC2329A30EFF6FB4252F15487235 255837 ----a-w- C:\ProgramData\1418204383.bdinstall.bin 2014-12-10 09:02:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2014-12-10 09:01:28 -------- d-----w- C:\ProgramData\WinZip 2014-12-05 09:47:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-12-03 14:45:46 -------- d-----w- C:\Users\Public\Documents\Baidu ====== C: exe-files == 2014-12-28 19:01:59 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_52E818EF81C83A9B.exe 2014-12-28 19:01:59 4C401FCC6D0C95E1A5D989E403E18F2F 1072072 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe 2014-12-28 19:01:59 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_4D9709C1FA1422BA.exe 2014-12-28 19:01:53 5A6381E0AFB4E0B9FD318C1C76EFE9DC 5030744 ----a-w- C:\Program Files (x86)\Google\Update\Install\{C505BEEE-1B27-43EC-9536-436AD9B44A40}\googletoolbarinstaller_en_signed.exe 2014-12-28 19:01:53 5A6381E0AFB4E0B9FD318C1C76EFE9DC 5030744 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_en_signed.exe 2014-12-28 19:01:37 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdate.exe 2014-12-28 19:01:37 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateComRegisterShell64.exe 2014-12-28 19:01:37 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleCrashHandler.exe 2014-12-28 19:01:37 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateSetup.exe 2014-12-28 19:01:37 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleCrashHandler64.exe 2014-12-28 19:01:37 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateOnDemand.exe 2014-12-28 19:01:37 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Users\Gebruiker\AppData\Local\Temp\{16ED20C3-C04C-4517-88A6-C889D53CC4E4}\GoogleUpdateBroker.exe 2014-12-28 17:13:48 205E775B4B2C165922203A390B115523 40747600 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\39.0.2171.95\39.0.2171.95_chrome_installer.exe 2014-12-28 17:13:13 6663B30328C239D2AB10D2583054CF2E 364512 ----a-w- C:\Windows\System32\aswBoot.exe 2014-12-28 12:01:09 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2014-12-26 11:47:27 A94943AFD01E064AA96C91FA9692B2FB 705184 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\SPREADSHEETCOMPARE.EXE 2014-12-26 11:47:16 6B417A514D2538C4A6E7751848951203 550584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe 2014-12-26 11:47:12 145952D017DD84363F7D62AEAA83E825 39584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe 2014-12-26 11:47:11 F4C953B8D00CFC9964A01A13A30E07F5 1092816 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe 2014-12-26 11:46:36 A76A48B94167494138DCDF4F54964D82 873640 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2014-12-26 11:46:35 DE8AD4A570261E1A933229B0379D19A0 842440 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe 2014-12-26 11:46:34 9A1983566048049ECCD032A912CD0A57 7765720 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe 2014-12-26 11:46:34 56F3447EBB71F6035E10D8BFDB3831C9 5681880 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe 2014-12-26 11:46:33 59360FFECC83F76DCF786DB0477F622B 81640 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe 2014-12-26 11:46:33 412D869D86DFEBC54663B56F2CB61E8D 474336 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe 2014-12-26 11:46:33 40489D0E1D38037BF53C3296CC338D46 528584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe 2014-12-26 11:46:31 72A7D1D3B54044D56D0C3462FDE9B748 1923224 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\winword.exe 2014-12-26 11:46:17 F5CEA4709D46C0CE268122D934BE7EEE 665248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe 2014-12-26 11:46:16 CFA27E4019358E2D6C811A72AAA003F1 480976 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe 2014-12-26 11:46:14 E948425B377ED9964E7E306BE8A4290E 18954400 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\outlook.exe 2014-12-26 11:46:10 E68E860F5161FC75512B92AB33195560 569592 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe 2014-12-26 11:46:08 EB5C25C812231B965DF747D024160396 1295560 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ocpubmgr.exe 2014-12-26 11:46:06 F038F770DB4647D7FFA2819FC63FAA62 10758304 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\mspub.exe 2014-12-26 11:46:00 60804F0D4D7D26500E20A5E70B9825CD 25704600 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excel.exe 2014-12-26 11:45:58 37A78032F8E4AE53640B671CF9E3AF66 15518888 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe 2014-12-26 11:45:56 CBFD156C393231D1A35D2F70657E9734 497856 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msouc.exe 2014-12-26 11:45:56 B87FE2FEED3856CBB664F6572DE9DD39 517360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe 2014-12-26 11:45:56 4CE4D38EEA77F9A3C2E2F17742838F7A 449216 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msosync.exe 2014-12-26 11:45:55 F0D10D6DD8F649C50BA9E0FB018BC41F 1783976 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\infopath.exe 2014-12-26 11:45:55 980F4A6CDF85D29E80D2792FCAEED338 4522680 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\graph.exe 2014-12-26 11:45:53 14A09D882EBEF612721F4C1F1E52C1C7 6484640 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconv.exe 2014-12-26 11:45:51 B975043CDCB0E8E68CC646F2EE0D1EE9 19052696 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lync.exe 2014-12-26 11:45:48 200EAE90FD969B08F1271C22A3B0BC75 8706752 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\groove.exe 2014-12-26 11:45:42 8B298F80490A813D849EEFC7495DA519 21937304 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2014-12-26 11:45:22 F6742BC6B070A4060BED78F7F59FEE0E 590536 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\integrator.exe 2014-12-26 11:45:16 AF5B2B067DEAFCFB805289BFF70DBE93 280744 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\DCF\DATABASECOMPARE.EXE 2014-12-26 11:44:59 5EDC8FCE400CA9CDA27EFFC4AF4D7275 1765024 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE === C: other files == 2014-12-28 17:13:18 B1881A01E301990B671694CA1623F1B6 436624 ----a-w- C:\Windows\System32\drivers\aswSP.sys 2014-12-28 17:13:18 7509F07BA6F84C1E3B2C0D78A1F6F782 116728 ----a-w- C:\Windows\System32\drivers\aswStm.sys 2014-12-28 17:13:18 1A5BDDE65B648DC3AD48B6ECAA3AE9C8 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2014-12-28 17:13:17 9BE9F2B83DE80E2752B1405CC427E2EC 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys 2014-12-28 17:13:17 4750016EF9CC1DEC6DA3FE5AF9A7F095 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2014-12-28 17:13:17 2DA1C1AEDF454F8E32A863A1AEACDD8C 83280 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2014-12-28 17:13:17 1323269A92645705DEFA053F3596829D 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2014-12-28 17:13:16 E74FD717476B30E23F45354B8F3ACB30 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys 2014-12-28 12:28:24 545EE654B04D52AF2E7F5F393D1F7D75 43664 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys ======== System Restore Points ======== RP325: 15/12/2014 18:58:38 - Windows Update RP326: 16/12/2014 13:57:21 - Herstelbewerking RP327: 16/12/2014 14:17:40 - Windows Update RP328: 17/12/2014 14:15:06 - Windows Update RP329: 20/12/2014 14:46:59 - Windows Update RP330: 22/12/2014 11:26:39 - Windows Update RP332: 23/12/2014 16:18:58 - Windows Defender Checkpoint RP333: 26/12/2014 11:39:25 - Windows Update RP335: 26/12/2014 11:46:56 - Reimage Express Restore Point RP336: 26/12/2014 12:06:59 - Smileys We Love Toolbar for IE is verwijderd RP337: 26/12/2014 12:15:10 - Herstelbewerking RP338: 26/12/2014 12:41:26 - Windows Update RP340: 26/12/2014 13:05:21 - Windows Defender Checkpoint RP341: 28/12/2014 10:43:56 - Windows Update RP342: 28/12/2014 13:23:39 - Controlepunt van HitmanPro RP343: 28/12/2014 13:25:21 - Controlepunt van HitmanPro RP344: 28/12/2014 18:11:12 - avast! antivirus system restore point RP345: 28/12/2014 18:32:45 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1342460353-3148159610-2009843920-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-1342460353-3148159610-2009843920-1006\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-1342460353-3148159610-2009843920-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "THX Audio Control Panel"="C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe /r" "UpdReg"="C:\windows\UpdReg.EXE" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707"="C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe -s" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\windows\\SysWOW64\\nvinit.dll,C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BTMTrayAgent"="rundll32.exe C:\Program Files\Motorola\Bluetooth\btmshell.dll,TrayApp" "THXCfg64"="C:\windows\system32\RunDLL32.exe C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "CECAPLF"="C:\Program Files (x86)\ChiconyCam\CECAPLF.exe" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "InstallerLauncher"="C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\windows\\system32\\nvinitx.dll,C:\\Windows\\system32\\nvinitx.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneDrive voor Bedrijven.lnk] "item"="OneDrive voor Bedrijven" "path"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneDrive voor Bedrijven.lnk" "backup"="C:\\Windows\\pss\\OneDrive voor Bedrijven.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\MICROS~4\\Office15\\GROOVE.EXE" ==== Startup Folders ====================== 2014-08-22 16:29:06 1050 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox (2).lnk 2014-12-09 14:46:41 1144 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2011-05-02 13:10:20 865 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26/12/2014 12:43] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/06/2014 17:49] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DefaultCheck" [c:\Users\All Users\dtdata\R002.exe] "C:\Windows\SysNative\tasks\DefaultReg" [c:\Users\All Users\dtdata\R001.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\{F7BF2422-EFE0-4D75-BE0F-92FEC658FE5B}" [C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE] "C:\Windows\SysNative\tasks\{F856ADA8-1E14-4653-9762-D5CEBD3EE405}" [C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [28/12/2014 18:13] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[10/12/2014 10:59] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.voltraweb.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.voltraweb.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{F58CF5BF-B714-487C-870C-18DC77AA0835}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" {F58CF5BF-B714-487C-870C-18DC77AA0835} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7GUEA_nlBE573" ==== Reset Google Chrome ====================== Nothing found to reset ==== shortcuts on Users Desktops ====================== C:\Users\Gebruiker\Desktop\Auslogics Disk Defrag.lnk - C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe C:\Users\Gebruiker\Desktop\DeepBurner.lnk - C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe C:\Users\Gebruiker\Desktop\documenten van Filip - Snelkoppeling.lnk - D:\documenten van Filip C:\Users\Gebruiker\Desktop\Dropbox.lnk - C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Gebruiker\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe C:\Users\Gebruiker\Desktop\Total Commander.lnk - C:\totalcmd\TOTALCMD.EXE C:\Users\Gebruiker\Desktop\usb stick 16 mei\school\Tina Pro Book\Tina Pro for Windows\Read Me.lnk - C:\Users\Gebruiker\Desktop\Tina Pro Book\readme.txt C:\Users\Gebruiker\Desktop\usb stick 16 mei\school\Tina Pro Book\Tina Pro for Windows\Tina for Windows Help.lnk - C:\Program Files (x86)\DesignSoft\Tina Pro Book\TINA.HLP C:\Users\Gebruiker\Desktop\usb stick 16 mei\school\Tina Pro Book\Tina Pro for Windows\Tina.lnk - C:\Users\Gebruiker\Desktop\Tina Pro Book\TINA.EXE C:\Users\Gebruiker\Desktop\usb stick 16 mei\school\Tina Pro Book\Tina Pro for Windows\Uninstall Tina.lnk - C:\WINDOWS\IsUninst.exe -f"C:\Program Files\DesignSoft\Tina Pro Book\uninst.isu" ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\LayOut 2015.lnk - D:\sketchup\LayOut\LayOut.exe C:\Users\Public\Desktop\PDFill PDF Editor.lnk - C:\Program Files (x86)\PlotSoft\PDFill\PDFill.exe C:\Users\Public\Desktop\PDFill PDF Tools (Free).lnk - C:\Program Files (x86)\PlotSoft\PDFill\PDFill_PDF_Tools.exe C:\Users\Public\Desktop\PDFill PDF Writer (Free).lnk - C:\Program Files (x86)\PlotSoft\PDFill\WriterSave.exe C:\Users\Public\Desktop\SketchUp 2015.lnk - D:\sketchup\SketchUp.exe C:\Users\Public\Desktop\Style Builder 2015.lnk - D:\sketchup\Style Builder\Style Builder.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe /help C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player\GU Player.lnk - C:\Program Files (x86)\GU Player\GuPlayer.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player\Uninstall GU Player.lnk - C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP32.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CSWisAdmin\Client.lnk - C:\WISA\CSWisAdmin\Client\wisadmin.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSACCESS.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\INFOPATH.EXE /design C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\INFOPATH.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\lync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{91150000-00BA-0000-0000-0000000FF1CE}\grv_icons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive voor Bedrijven 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\GROOVE.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTE.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\POWERPNT.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSPUB.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Verzenden naar OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTEM.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Database Compare 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\client\AppVLP.exe "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\DATABASECOMPARE.EXE" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Lync opnamebeheer.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OcPubMgr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Office 2013 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSOUC.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Spreadsheet Compare 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\client\AppVLP.exe "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\SPREADSHEETCOMPARE.EXE" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Taalvoorkeuren voor Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\SETLANG.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Telemetriedashboard voor Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\msotd.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Telemetrielogboek voor Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\msoev.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015\LayOut.lnk - D:\sketchup\LayOut\LayOut.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015\SketchUp.lnk - D:\sketchup\SketchUp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015\Style Builder.lnk - D:\sketchup\Style Builder\Style Builder.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\Help Manual.lnk - C:\Windows\hh.exe C:\PROGRA~2\WinZip\winzip.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 14.0.lnk - C:\Program Files (x86)\WinZip\WINZIP32.EXE ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DeepBurner.lnk - C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Client.lnk - C:\WISA\CSWisAdmin\Client\wisadmin.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Excel 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TuneUp Utilities - Startoberfläche.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\TEMP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\TEMP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Uninstall List x64 ====================== Adobe Flash Player 15 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Reader XI (11.0.09) - Nederlands [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AB0000000001}] Adobe Shockwave Player 11.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player] Advertising Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}] Auslogics Disk Defrag [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1] Avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avast] BisonCam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BBC4803-C96E-4D3E-9D1D-2E43774C4062}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] ChiconyCam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2201542-DA80-457F-8BD9-6C9C90196481}] Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] Cisco LEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51C7AD07-C3F6-4635-8E8A-231306D810FE}] Cisco PEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}] CSWisAdmin 4.13.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CSWisAdmin_is1] CutePDF Writer 2.7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CutePDF Writer Installation] D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}] DeepBurner v1.9.0.228 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2ADE2157-7A5E-122C-B51D-EB8A01B15943}] DefaultTab Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome] Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox] EPSON Scan [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EPSON Scanner] EPSON SX420W Series Printer Uninstall [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\EPSON SX420W Series] EpsonNet Print [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3E31400D-274E-4647-916C-2CACC3741799}] EpsonNet Setup 3.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}] FormatFactory 3.5.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FormatFactory] Galerie de photos Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{488F0347-C4A7-4374-91A7-30818BEDA710}] Google Drive [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}] Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Hotkey 3.3017 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{164714B6-46BC-4649-9A30-A6ED32F03B5A}] Hotkey 3.3017 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] Intel(R) Processor Graphics [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] Intel(R) Rapid Storage Technology [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}] Java 7 Update 67 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217067FF}] Java 8 Update 25 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218025F0}] JMicron Ethernet Adapter NDIS Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}] JMicron Flash Media Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26604C7E-A313-4D12-867F-7C6E7820BE4C}] Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}] K-Lite Codec Pack 4.9.5 (Full) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] LEGO MINDSTORMS Education EV3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6569FE7-BBFF-4994-9AE2-35BB03E0BECB}] LEGO MINDSTORMS Education EV3 Content [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7EBBF60A-90DF-4B4D-83A8-CEB2C89921A2}] LEGO MINDSTORMS Education EV3 Nederlandse ondersteuning [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EEADBA8E-4120-4366-AB2F-B081575E8829}] LEGO MINDSTORMS Education EV3 Teacher Mode [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{520B86AD-641C-4CFC-9FAC-B46276444A2D}] LEGO MINDSTORMS EV3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LEGO_SW.{5B0CB826-E499-4E6B-94F0-75B6327ED934}] LEGO MINDSTORMS EV3 Uninstaller [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F3092B9-4240-4037-A287-BF6F9A2996BC}] LEGO MINDSTORMS NXT x64 Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0831C28-A6FA-49A3-86AE-B5AE3C9EE19C}] MEDION GoPal Assistant [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}] Medion GoPal Assistant 4.03.006 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Medion GoPal Assistant] Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033] Microsoft Antimalware Service NL-NL Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}] Microsoft Office 365 ProPlus - nl-nl [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\O365ProPlusRetail - nl-nl] Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUSR] Microsoft Security Client NL-NL Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DC911ADF-7B60-40F2-A112-FB1EB6402D07}] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Silverlight 5.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3BCD0085-B478-48B3-8323-77E8BD493062}] Microsoft SkyDrive Pro 2013 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office15.GROOVER] Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Motorola Bluetooth [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Motorola Bluetooth_is1] MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}] MSVCRT_amd64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}] MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}] MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}] Nero ControlCenter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}] Nero Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{e8a80433-302b-4ff1-815d-fcc8eac482ff}] Nero Online Upgrade [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{dba84796-8503-4ff0-af57-1747dd9a166d}] Nero StartSmart [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7748ac8c-18e3-43bb-959b-088faea16fb2}] Nero StartSmart OEM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}] neroxml [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] NI .NET Framework 4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A3A11F6C-E573-4D1C-A9D4-701D7551544B}] NI EulaDepot [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E74EDAD-1EE1-420E-A293-C0F030BB07E9}] NI MDF Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20F57D95-033E-4540-BE99-8CC197945FEA}] NI Security Update (KB 67L8LCQW) (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A78D9E6-D349-4CCA-9295-45B12BE5BC6C}] NI Security Update (KB 67L8LCQW) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20124E21-206B-485F-838F-14BB88161045}] NI Uninstaller [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{702F632F-E80E-4FCD-98BB-261D3CD3C2C5}] NI VC2008MSMs x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{07E00E94-7A78-40FA-9BEF-71C190E98041}] NI VC2008MSMs x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E84997A1-4D6F-4C0B-B60D-F85B360D2666}] NVIDIA-configuratiescherm 320.49 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel] NVIDIA 3D Vision Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA StereoUSB Driver] NVIDIA 3D Vision controllerstuurprogramma 320.49 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] NVIDIA GeForce Experience 1.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] NVIDIA Grafisch stuurprogramma 320.49 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] NVIDIA Optimus 4.11.9 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}] NVIDIA PhysX systeemsoftware 9.13.0604 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] NVIDIA Update 4.11.9 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update] PDFill PDF Editor with FREE Writer and FREE Tools [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1399216-81B2-457C-A0F7-73B9A2EF6902}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] REALTEK Wireless LAN Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D3D8C60-A55F-4123-B2B9-173F09590E16}] Renesas Electronics USB 3.0 Host Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5442DAB8-7177-49E1-8B22-09A049EA5996}] Renesas Electronics USB 3.0 Host Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}] SketchUp 2015 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C630FC42-E196-4B6D-B12B-4CB8D5F399D7}] Solid Edge ST4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DE02B016-E096-437F-8D96-853BB36011D5}] swMSM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey] THX TruStudio Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82F99DC9-389A-4528-940C-88248731A620}] Total Commander (Remove or Repair) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Totalcmd] VLC media player 2.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] WebCam Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAE521B6-2F19-447F-8CB6-6D1E3A19F3ED}] Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}] Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A07C35B-8384-4DA4-9A95-442B6C89A073}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite] Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}] Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}] Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B22C8566-D522-4B40-A7AF-525F5A70D832}] Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FE4BE0BD-1EDB-4D24-9614-847B3C472887}] Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}] Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}] Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D07A61E5-A59C-433C-BCBD-22025FA2287B}] Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}] Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}] Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C66824E4-CBB3-4851-BB3F-E8CFD6350923}] Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D588365A-AE39-4F27-BDAE-B4E72C8E900C}] Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C32CE55C-12BA-4951-8797-0967FDEF556F}] Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F4143A1-9C21-4011-8679-3BC1014C6886}] Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}] Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C91188-C88F-4E86-93E6-CD7C9A266649}] Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}] Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6057E21C-ABE9-4059-AE3E-3BEB9925E660}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6A563426-3474-41C6-B847-42B39F1485B2}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{80956555-A512-4190-9CAD-B000C36D6B6B}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}] Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19BA08F7-C728-469C-8A35-BFBD3633BE08}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BD262D0-B788-4546-A0A5-F4F56EC3834B}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C893D8C0-1BA0-4517-B11C-E89B65E72F70}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D436F577-1695-4D2F-8B44-AC76C99E0002}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34F4D9A4-42C2-4348-BEF4-E553C84549E7}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}] Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}] Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}] Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}] Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}] Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C9F05151-95A9-4B9B-B534-1760E2D014A5}] Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}] Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5E2CD4FB-4538-4831-8176-05D653C3E6D4}] Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}] Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}] Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}] Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}] Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05E379CC-F626-4E7D-8354-463865B303BF}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3B9A92DA-6374-4872-B646-253F18624D5F}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7E017923-16F8-4E32-94EF-0A150BD196FE}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A726AE06-AAA3-43D1-87E3-70F510314F04}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAF454FC-82CA-4F29-AB31-6A109485E76E}] Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{14B441B7-774D-4170-98EA-A13667AE6218}] Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{62687B11-58B5-4A18-9BC3-9DF4CE03F194}] Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}] Windows Mobile Apparaatcentrum [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}] Windows Mobile Device Center Driver Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}] WinPcap 4.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst] WinZip 14.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}] YTD Video Downloader 4.7.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}] ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r O4 - HKLM\..\Run: [UpdReg] C:\windows\UpdReg.EXE O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe -s O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1342460353-3148159610-2009843920-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1342460353-3148159610-2009843920-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: BdBkpFolder O4 - Startup: Dropbox (2).lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Dropbox.lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe O23 - Service: CECFLPKT - Chicony Electronics Co., Ltd. - C:\Program Files (x86)\ChiconyCam\CECPLFKT.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Sentinel Local License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing) O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} OfficeSyncProcess = "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [MS] swg = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [Google Inc.] CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [Piriform Ltd] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe BTMTrayAgent = rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp [MS] THXCfg64 = C:\windows\system32\RunDLL32.exe C:\windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 [MS] RtHDVCpl = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [Realtek Semiconductor] IgfxTray = C:\Windows\system32\igfxtray.exe [Intel Corporation] HotKeysCmds = C:\Windows\system32\hkcmd.exe [Intel Corporation] Persistence = C:\Windows\system32\igfxpers.exe [Intel Corporation] CECAPLF = C:\Program Files (x86)\ChiconyCam\CECAPLF.exe [Chicony] Nvtmru = "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [NVIDIA Corporation] Windows Mobile Device Center = C:\Windows\WindowsMobile\wmdc.exe InstallerLauncher = "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" [file not found] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} THX Audio Control Panel = "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r [null data] UpdReg = C:\windows\UpdReg.EXE [Creative Technology Ltd.] IAStorIcon = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [null data] BCSSync = "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [MS] InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707 = C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe -s [National Instruments Corporation] Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated] AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui [AVAST Software] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\(Default) = Lync Click to Call BHO -> {HKLM...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] -> {HKLM...Wow...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [MS] {72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided) -> {HKLM...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = avast! Online Security -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [AVAST Software] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] -> {HKLM...Wow...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] {B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO -> {HKLM...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [MS] -> {HKLM...Wow...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\(Default) = (no title provided) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\(Default) = Lync Click to Call BHO -> {HKLM...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] -> {HKLM...Wow...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [MS] {72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided) -> {HKLM...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [Oracle Corporation] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = avast! Online Security -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [AVAST Software] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] -> {HKLM...Wow...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] {B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO -> {HKLM...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [MS] -> {HKLM...Wow...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\(Default) = (no title provided) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)\(Default) = {8BA85C75-763B-4103-94EB-9470F12FE0F7} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro2 (SyncInProgress)\(Default) = {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro3 (InSync)\(Default) = {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] "DropboxExt1"\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt2"\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt3"\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt4"\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt5"\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt6"\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt7"\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt8"\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software] GDriveBlacklistedOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSharedEditOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSharedViewOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSyncedOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSyncingOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)\(Default) = {8BA85C75-763B-4103-94EB-9470F12FE0F7} -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] SkyDrivePro2 (SyncInProgress)\(Default) = {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] SkyDrivePro3 (InSync)\(Default) = {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] "DropboxExt1"\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt2"\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt3"\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt4"\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt5"\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt6"\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt7"\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt8"\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class -> {HKLM...CLSID} = DesktopContext Class \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation] {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} = NvAppShExt extension -> {HKLM...CLSID} = NvAppShExt Class \InProcServer32\(Default) = C:\Windows\system32\nv3dappshext.dll [NVIDIA Corporation] {E97DEC16-A50D-49bb-AE24-CF682282E08D} = OpenGLShExt extension -> {HKLM...CLSID} = OpenGLShExt Class \InProcServer32\(Default) = C:\Windows\system32\nv3dappshext.dll [NVIDIA Corporation] {2F603045-309F-11CF-9774-0020AFD0CFF6} = Synaptics Control Panel -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll [Synaptics Incorporated] {862D80CE-A2A4-45D4-8008-7F40766F5FEA} = My Bluetooth -> {HKLM...CLSID} = My Bluetooth \InProcServer32\(Default) = C:\Program Files\Motorola\Bluetooth\btmshell.dll [null data] {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} = Bluetooth Send To Wizard -> {HKLM...CLSID} = CSendToContextMenu Object \InProcServer32\(Default) = C:\Program Files\Motorola\Bluetooth\btmshell.dll [null data] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office15\MSOHEVI.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office15\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office15\msoshext.dll [MS] {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} = Groove Namespace Extension -> {HKLM...CLSID} = Werkruimten \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONFILTER.DLL [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\VISSHE.DLL [MS] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper -> {HKLM...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar -> {HKLM...CLSID} = Groove Folder Synchronization \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler -> {HKLM...CLSID} = Groove GFS Stub Icon Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler -> {HKLM...CLSID} = Groove XML Icon Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {7CCA70DB-DE7A-4FB7-9B2B-52E2335A3B5A} = Nameext -> {HKLM...CLSID} = Ondernemingsprojecten \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\NAMEEXT.DLL [MS] {0006F045-0000-0000-C000-000000000046} = Microsoft Outlook Custom Icon Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office15\OLKFSTUB.DLL [MS] {8BA85C75-763B-4103-94EB-9470F12FE0F7} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} = Microsoft SkyDrive Pro Browser Helper -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {DB19096C-5365-4164-A246-59FEFF9D8062} = Nameext -> {HKLM...CLSID} = Ondernemingsprojecten \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office15\NAMEEXT.DLL [MS] {E0D79304-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] {E0D79305-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] {E0D79306-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] {E0D79307-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided) -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Editor Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll [MS] {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} = Groove Namespace Extension -> {HKLM...Wow...CLSID} = Werkruimten \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...Wow...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONFILTER.DLL [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...Wow...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...Wow...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\VISSHE.DLL [MS] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar -> {HKLM...Wow...CLSID} = Groove Folder Synchronization \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...Wow...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler -> {HKLM...Wow...CLSID} = Groove GFS Stub Icon Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler -> {HKLM...Wow...CLSID} = Groove XML Icon Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] {00020D75-0000-0000-C000-000000000046} = Microsoft Outlook Desktop Icon Handler -> {HKLM...Wow...CLSID} = Microsoft Outlook \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\MLSHEXT.DLL [MS] {0006F045-0000-0000-C000-000000000046} = Microsoft Outlook Custom Icon Handler -> {HKLM...Wow...CLSID} = Outlook File Icon Extension \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\msoshext.dll [MS] {B2260382-5E6E-4EEB-9E6F-1122AC37C1E4} = JtWinShellExt -> {HKLM...Wow...CLSID} = JtWinShellExt \InProcServer32\(Default) = D:\solid edge\Program\win32\PLMVis\bin\JtWinShellExt72.dll [null data] {B28AA736-876B-46DA-B3A8-84C5E30BA492} = Websites -> {HKLM...Wow...CLSID} = Websites \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\WXPNSE.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} = Microsoft SkyDrive Pro Browser Helper -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {8BA85C75-763B-4103-94EB-9470F12FE0F7} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {E0D79305-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {E0D79304-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {E0D79307-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {E0D79306-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <> {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <> {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = C:\windows\system32\nvinitx.dll,C:\Windows\system32\nvinitx.dll [file not found] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = C:\windows\SysWOW64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll [file not found] HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ <> BootExecute = autocheck autochk *|bootdelete [file not found] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = {807583E5-5146-11D5-A672-00B0D022E945} -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL [MS] HKCU\Software\Classes\*\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] BTMSentToExt\(Default) = {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} -> {HKLM...CLSID} = CSendToContextMenu Object \InProcServer32\(Default) = C:\Program Files\Motorola\Bluetooth\btmshell.dll [null data] GDContextMenu\(Default) = {BB02B294-8425-42E5-983F-41A1FA970CD6} -> {HKLM...CLSID} = GDContextMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\contextmenu64.dll [Google] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ GDContextMenu\(Default) = {BB02B294-8425-42E5-983F-41A1FA970CD6} -> {HKLM...CLSID} = GDContextMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\contextmenu64.dll [Google] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} -> {HKLM...CLSID} = GraphicsShellExt Class \InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [Intel Corporation] NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\PROGRA~2\WINZIP\WZSHLS64.DLL [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshlstb.dll [WinZip Computing, S.L.] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\ NoChangingWallpaper = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|Control Panel|Display| Disable changing wallpaper} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ ConsentPromptBehaviorAdmin = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Behavior Of The Elevation Prompt For Administrators In Admin Approval Mode} EnableLUA = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Run All Administrators In Admin Approval Mode} PromptOnSecureDesktop = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Switch to the secure desktop when prompting for elevation} SoftwareSASGeneration = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\Windows\system32\PhotoScreensaver.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ MSLivePhotoAcquireDropHandler\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.LivePhotoAcqDTShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSLiveShowPicturesOnArrival\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] NeroAutoPlay9LaunchNeroStartSmart\ Provider = Nero StartSmart InvokeProgID = Nero.AutoPlay8 InvokeVerb = LaunchNeroStartSmart_HandleCDBurningOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe /AutoPlay [Nero AG] VLCPlayCDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.CDAudio InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file cdda:///%1 [VideoLAN] VLCPlayDVDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlayDVDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.DVDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file dvd:///%1 [VideoLAN] VLCPlayMusicFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlaySVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.SVCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.VCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVideoFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] WIA_{080DA839-78AE-43A7-B363-AB5E86FB3633}\ Provider = EPSON Scan CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Windows\twain_32\escndv\escndv.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{4A1497F8-ED82-4C4A-BDB4-5E7C2D6D953D}\ Provider = WinZip CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\PROGRA~2\WINZIP\WINZIP32.EXE /wia; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{57F6175A-E58A-4AA0-9B88-632D350A9036}\ Provider = Microsoft Publisher CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE /IMG_WIA; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{6D89D78F-A062-4C9A-8A44-02C4FA75C081}\ Provider = Microsoft Publisher CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\Microsoft Office\Office14\MSPUB.EXE /IMG_STI /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{AA8C36D5-B8D6-4A21-B70A-EF92922A5A2F}\ Provider = WinZip CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files\WinZip\WINZIP64.EXE /wia; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] Startup items in "Gebruiker" & "All Users" startup folders: ----------------------------------------------------------- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++} Dropbox (2) -> shortcut to: C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [Dropbox, Inc.] Dropbox -> shortcut to: C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [Dropbox, Inc.] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++} Hotkey -> shortcut to: C:\Program Files (x86)\Hotkey\Hotkey.exe [null data] Windows Sidebar Gadgets: {++} ------------------------ C:\Users\Gebruiker\AppData\Local\Microsoft\Windows Sidebar\Settings.ini "C:%5CProgram%20Files%5CWindows%20Sidebar%5CShared%20Gadgets%5CKaspersky.Gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CClock.Gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CWeather.Gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CShared%20Gadgets%5CaswSidebar.gadget" Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks Adobe Flash Player Updater -> launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated] avast! Emergency Update -> (HIDDEN!) launches: C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [AVAST Software] CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS] DefaultCheck -> launches: c:\Users\All Users\dtdata\R002.exe [null data] DefaultReg -> launches: c:\Users\All Users\dtdata\R001.exe [empty string] GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] Microsoft Office 15 Sync Maintenance for test2-Gebruiker test2 -> launches: C:\Program Files\Microsoft Office 15\root\Office15\MsoSync.exe [MS] {0141CE3B-9219-4EFD-A0E9-4D5DEB7F1639} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\GEBRUI~1\AppData\Local\Temp\{B51A6434-000D-4BB0-9CEA-6D5C8BAB8152}\adobeshockwavextrabundle.exe -d C:\Users\Gebruiker\Desktop -c /xtrabundle=FlashAsset [MS] {BE3A7600-90FD-4C8A-8E3C-31225F8BFD50} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLRT3L40\B2CAppSetup.exe" -d C:\Users\Gebruiker\Desktop [MS] {F7BF2422-EFE0-4D75-BE0F-92FEC658FE5B} -> launches: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [MS] {F856ADA8-1E14-4653-9762-D5CEBD3EE405} -> launches: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [MS] C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware Microsoft Antimalware Scheduled Scan -> launches: C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges [file not found] C:\Windows\System32\Tasks\Microsoft\Office Office 15 Subscription Heartbeat -> launches: %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [file not found] Office Automatic Updates -> launches: C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False [MS] Office Subscription Maintenance -> launches: C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [MS] OfficeTelemetryAgentFallBack -> launches: C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe scan upload mininterval:2880 [MS] OfficeTelemetryAgentLogOn -> launches: C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe scan upload [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] -> {HKLM...Wow...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Media Center ActivateWindowsSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS] ConfigureInternetTimeService -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS] DispatchRecoveryTasks -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS] ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS] InstallPlayReady -> launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS] mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS] mcupdate_scheduled -> launches: %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 [MS] MediaCenterRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS] ObjectStoreRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS] OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS] OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS] PBDADiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS] PBDADiscoveryW1 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS] PBDADiscoveryW2 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS] PvrRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS] PvrScheduleTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS] RegisterSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS] ReindexSearchRoot -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS] SqlLiteRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS] StartRecording -> launches: %SystemRoot%\ehome\ehrec /StartRecording [MS] UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} -> {HKLM...CLSID} = HotStart User Agent \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI Lpksetup -> launches: C:\Windows\System32\lpksetup.exe -v [MS] LPRemove -> launches: %windir%\system32\lpremove.exe [MS] Mcbuilder -> launches: C:\Windows\System32\mcbuilder.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} -> {HKLM...CLSID} = GadgetsManager Class \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] -> {HKLM...Wow...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip IpAddressConflict1 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS] IpAddressConflict2 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS] ValidationTaskDeadline -> (HIDDEN!) launches: %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup ConfigNotification -> launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] -> {HKLM...Wow...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows Defender MP Scheduled Scan -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan [MS] C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1} -> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-1342460353-3148159610-2009843920-1001 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] 000000000008\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000009\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] 000000000008\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000009\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ {2318C2B1-4965-11D4-9B18-009027A5CD4F} -> {HKLM...CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided) -> {HKLM...CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\ {2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided) -> {HKLM...Wow...CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] Explorer Bars HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Send to OneNote MenuText = Se&nd to OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll [MS] {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ ButtonText = Lync Click to Call MenuText = Lync Click to Call CLSIDExtension = {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> {HKLM...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = OneNote Lin&ked Notes MenuText = OneNote Lin&ked Notes CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll [MS] {BD707FE6-39F6-4BDA-9265-86A76719BDC5}\ ButtonText = @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 MenuText = @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 Script = C:\Program Files\Motorola\Bluetooth\btmiesend.htm [null data] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\ ButtonText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 MenuText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC} -> {HKLM...Wow...CLSID} = BlogThisToolbarButton Class \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [MS] {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Send to OneNote MenuText = Se&nd to OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...Wow...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll [MS] {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}\ ButtonText = @C:\Windows\WindowsMobile\INetRepl.dll,-222 CLSIDExtension = {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} -> {HKLM...Wow...CLSID} = Create Mobile Favorite \InProcServer32\(Default) = C:\Windows\WindowsMobile\INetRepl.dll [MS] {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\ MenuText = @C:\Windows\WindowsMobile\INetRepl.dll,-223 CLSIDExtension = {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} -> {HKLM...Wow...CLSID} = Create Mobile Favorite \InProcServer32\(Default) = C:\Windows\WindowsMobile\INetRepl.dll [MS] {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ ButtonText = Lync Click to Call MenuText = Lync Click to Call CLSIDExtension = {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> {HKLM...Wow...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = OneNote Lin&ked Notes MenuText = OneNote Lin&ked Notes CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...Wow...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll [MS] {BD707FE6-39F6-4BDA-9265-86A76719BDC5}\ ButtonText = @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 MenuText = @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 Script = C:\Program Files\Motorola\Bluetooth\btmiesend.htm [null data] Miscellaneous IE Hijack Points ------------------------------ HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\ <> InPrivate = res://ieframe.dll/inprivate_win7.htm [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated] avast! Antivirus, avast! Antivirus, "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [AVAST Software] Bluetooth Device Manager, Bluetooth Device Manager, "C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe" [Motorola, Inc.] Bluetooth Media Service, Bluetooth Media Service, "C:\Program Files\Motorola\Bluetooth\audiosrv.exe" [Motorola, Inc.] Bluetooth OBEX Service, Bluetooth OBEX Service, "C:\Program Files\Motorola\Bluetooth\obexsrv.exe" [Motorola, Inc.] Connectiviteit voor Windows Mobile-2003-apparaten, WcesComm, C:\Windows\system32\svchost.exe -k WindowsMobile {C:\Windows\WindowsMobile\wcescomm.dll [MS]} Connectiviteit voor Windows Mobile-apparaten, RapiMgr, C:\Windows\system32\svchost.exe -k WindowsMobile {C:\Windows\WindowsMobile\rapimgr.dll [MS]} EPSON V3 Service4(04), EPSON_PM_RPCV4_04, C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [SEIKO EPSON CORPORATION] EPSON V5 Service4(04), EPSON_EB_RPCV4_04, C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [SEIKO EPSON CORPORATION] EpsonBidirectionalService, EpsonBidirectionalService, C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [SEIKO EPSON CORPORATION] FLEXnet Licensing Service 64, FLEXnet Licensing Service 64, "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" [Macrovision Europe Ltd.] Google Update-service (gupdate), gupdate, "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [Google Inc.] Intel(R) Management and Security Application Local Management Service, LMS, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [Intel Corporation] Intel(R) Management and Security Application User Notification Service, UNS, "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [Intel Corporation] Intel(R) Rapid Storage Technology, IAStorDataMgrSvc, "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [null data] Microsoft Office ClickToRun Service, ClickToRunSvc, "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service [MS] Nero BackItUp Scheduler 4.0, Nero BackItUp Scheduler 4.0, C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [Nero AG] NVIDIA Display Driver Service, NVSvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation] NVIDIA Update Service Daemon, nvUpdatusService, "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [NVIDIA Corporation] Office Software Protection Platform, osppsvc, "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [MS] PowerBiosServer, PowerBiosServer, "C:\Program Files (x86)\Hotkey\PowerBiosServer.exe" [null data] Sentinel Local License Manager, hasplms, C:\Windows\system32\hasplms.exe -run [SafeNet Inc.] Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> hitmanpro37, <> hitmanpro37.sys, <> HitmanPro37Crusader, <> HitmanPro37CrusaderBoot, <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> hitmanpro37, <> hitmanpro37.sys, <> HitmanPro37Crusader, <> HitmanPro37CrusaderBoot, <> PEVSystemStart, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ CutePDF Writer Monitor\Driver = cpwmon64.dll [null data] EPSON SX420W Series 64MonitorBE\Driver = E_ILMGCE.DLL [SEIKO EPSON CORPORATION] EpsonNet Print Port\Driver = enppmon.dll [SEIKO EPSON CORPORATION] PDFill Writer Monitor\Driver = C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll [Windows (R) Codename Longhorn DDK provider] <>: Suspicious data at a browser hijack point. ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWTCWA09 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=804 folders=107 31191180 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWTCWA09" not found ==== EOF on zo 28/12/2014 at 21:01:25,26 ======================