Zoek.exe v5.0.0.0 Updated 18-01-2015 Tool run by Nelleke on do 22-01-2015 at 15:16:00,68. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Nelleke\Desktop\zoek.exe [Scan all users] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\LuckyTab\LuckyTab.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\XTab\ProtectService.exe C:\Program Files (x86)\XTab\cmdshell.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\11n USB Wireless LAN Utility\RtlService.exe C:\Program Files (x86)\11n USB Wireless LAN Utility\RtWlan.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\XTab\HPNotify.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\alg.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Users\Nelleke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\QuickTime\QTTask.exe C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe c:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\PROGRA~2\CYBERL~1\SHARED~1\RICHVI~1.EXE C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Windows\system32\DllHost.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\NOTEPAD.EXE C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Nelleke\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe ==== System Restore Info ====================== 22-1-2015 15:20:24 Zoek.exe System Restore Point Created Succesfully. ==== Windows Installer Info ====================== Adobe AIR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\74CEABB70CC18BC4DA4B35B187BD1DDD]c:\Windows\Installer\2d4eab7d.msi Adobe Reader XI (11.0.10) - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B744BA0000000010]C:\Windows\Installer\7516617.msi Adobe Refresh Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA408033019195008120111403]C:\Windows\Installer\2cefc.msi Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED0FAC38B3D873C46A13B2F861CE0313]C:\Windows\Installer\1c616fe7.msi Apple Mobile Device Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\09699DDB14539164D9A2C3DD3B1EF5E9]C:\Windows\Installer\1c617229.msi Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B5A9879DD95AB419A50FCFA0B1B7EF]C:\Windows\Installer\5761de3.msi Bonjour [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B0163E6D0340BE4183EB2758E9BEDD8]C:\Windows\Installer\5761c60.msi Brother P-touch Address Book 1.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7103202B4EED7F44A817AC0648FB35C4]C:\Windows\Installer\d4c863.msi Brother P-touch Editor 5.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\09307293158AB4E4499A5D4C8612E63D]C:\Windows\Installer\d4caaf.msi Brother P-touch Update Software [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D187DC2F477475468179575FAF451D9]C:\Windows\Installer\d4c7cd.msi Brother QL-Series Software User's Guide [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2BAC242AC0789CA4A8EF4373D93938DC]C:\Windows\Installer\4734c04.msi Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7810FB462D3FB89499AE61A39FEAE69C]C:\Windows\Installer\2f65c0ff.msi Cisco LEAP Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\70DA7C156F3C5364E8A83231608D01EF]C:\Windows\Installer\2f65c113.msi Cisco PEAP Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D6775DE4B957B64FA18F5D2497D6C04]C:\Windows\Installer\2f65c109.msi D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\1baec5.msi dLAN Cockpit [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F2717A91F66F306E74553BE9B6F2ECE]C:\Windows\Installer\581b8586.msi ESET Smart Security [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BB945B5564C914844AED6F95C4740AB5]C:\Windows\Installer\5cc4441.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\65e370ca.msi Hewlett-Packard ACLM.NET v1.2.1.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\701043F6AA9F6C745BC43C1AF91155F3]C:\Windows\Installer\24198040.msi HP [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\18143A19DAF9BA343AF57E8A49B5E7C1]C:\Windows\Installer\24230.msi HP [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\782BB4BF9F7372E4C9D4D283280EE8FF]C:\Windows\Installer\24201.msi HP [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\970DACCDC29FAD442B8526F46C15A7A5]C:\Windows\Installer\24206.msi HP [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ADBE3203B1FB13843B745E1058552FE6]C:\Windows\Installer\241fc.msi HP Advisor [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7D8BF048FF62FA4CBB8B0D13BA20FB4]C:\Windows\Installer\ee254ac.msi HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0694AF70830BBE9498B1F95939A05A44]C:\Windows\Installer\24257.msi HP MediaSmart SmartMenu [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53FA80B5996B44A4BB98E3157E60118E]C:\Windows\Installer\241f7.msi HP Odometer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\98A1CA8B1DFF79F408155E501A065F26]C:\Windows\Installer\24194.msi HP Support Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\114202EE62C28E947948B11CBD7FED69]C:\Windows\Installer\24198037.msi HP Support Information [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B7B30A9BFF0E3BF4AB3867E2851A0BAA]C:\Windows\Installer\241c5.msi HP Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F3EF77EDD33AA99478DAF54C6016B704]c:\Windows\Installer\241b9.msi HP Vision Hardware Diagnostics [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9E20A97D317653346986AA7C74C4C0E0]c:\Windows\Installer\24294.msi iCloud [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A867903BB2A03945A2A189676C8B9C4]C:\Windows\Installer\e3b68ee.msi iTunes [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\19DBBBA25E197DA429A9EF511DCD5067]C:\Windows\Installer\1c6182c6.msi Java 7 Update 71 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF230120717FF]C:\Windows\Installer\405460d3.msi Java(TM) 6 Update 26 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF268140662FF]C:\Windows\Installer\bec41.msi LabelPrint [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C971C95CD8669A946BAE1012CCCF2134]c:\Windows\Installer\241f0.msi LibreOffice 4.3.2.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C99F31C9A1E66214EA19AE2AADED806D]C:\Windows\Installer\9f4fe83.msi LightScribe Applications [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\07352F1656474044EB826492FB086899]C:\Windows\Installer\64bb030.msi LightScribe System Software [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1CF55E0ED35CD8F41BB45BC91372748C]C:\Windows\Installer\3c1d36f.msi LightScribe Template Labeler [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FEF32534E8D92754BB11E019D463E6A0]C:\Windows\Installer\64bb038.msi MediaSmart Photo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CDC8FAD640B9B3140A2FCB1CC38F5AFB]C:\Windows\Installer\24216.msi MediaSmart Video [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F7E3E21D31B133949A51617CDD730A59]C:\Windows\Installer\24226.msi Microsoft .NET Framework 4.5.1 (NLD) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2FA0BBE92DA4ABA359FE79E7EB1ABC90]C:\Windows\Installer\63eedb9.msi Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE4EBED704B66673BB53C5BB3C58AD73]C:\Windows\Installer\23f3500c.msi Microsoft Access database engine 2010 (English) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000041091D0090400000000000F01FEC]C:\Windows\Installer\d4ca84.msi Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\Windows\Installer\1bae8e.msi Microsoft Office Klik-en-Klaar 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109D60031400100000000F01FEC]C:\Windows\Installer\14f20ba8.msi Microsoft PowerPoint Viewer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004159FA0031400000000000F01FEC]C:\Windows\Installer\2bb89fc.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\Windows\Installer\49c18.msi Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B7573E6B77E5519368A6CCCFB4D891C4]c:\Windows\Installer\4bccf6d.msi Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D756077321A70C3E844C138CE981581]c:\Windows\Installer\4bccf74.msi Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4ccf9caae9dddda409c15b94a670bae2]C:\Windows\Installer\390ce96f.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\Windows\Installer\af376d6.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\84b9c17023c712640acaf308593282f8]C:\Windows\Installer\24186.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\Windows\Installer\42ff2e67.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\af37702.msi Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A3878338869058B3FA7CABEAA036CD05]c:\Windows\Installer\390ce950.msi Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E58EC68CABDDFF39B774E7BF9389C90]c:\Windows\Installer\390ce95a.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]c:\Windows\Installer\2418d.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]c:\Windows\Installer\242a4.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]C:\Windows\Installer\af37760.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F9E66FF7E38E3A3FA41D89E8A906A4A]c:\Windows\Installer\a574122.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\Windows\Installer\2417f.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]c:\Windows\Installer\2429c.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\af3776a.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\3be7d92.msi MobileMe Control Panel [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3FF10DD6EC36B63469BD1663E3AAE48B]C:\Windows\Installer\338ae8ac.msi MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\1baec1.msi MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]c:\Windows\Installer\4bccf7c.msi MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]c:\Windows\Installer\4bccf90.msi MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\09AB59D18F4FCE748A2844C1993DC0E1]C:\Windows\Installer\63b2ce2.msi MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F764691F11C67F458B88521DA8CB349]C:\Windows\Installer\3c1d379.msi MusicStation [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36F7E47EF07E2f3478F353BF662F362B]C:\Windows\Installer\159e9a.msi NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\600908A8A52CA3A4D9BA4956B9DC1B70]c:\Windows\Installer\1d63e.msi Office 15 Click-to-Run Extensibility Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80000000000000000F01FEC]C:\Windows\Installer\1d602801.msi Office 15 Click-to-Run Licensing Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F80000000100000000F01FEC]C:\Windows\Installer\1d602744.msi Office 15 Click-to-Run Localization Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80031400000000000F01FEC]C:\Windows\Installer\1d602768.msi OpenOffice 4.1.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D419DF982744F4E46883968E758ED29C]C:\Windows\Installer\56e40.msi PhotoNow [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\623DD63D08278D11798C00109267C0EB]c:\Windows\Installer\241e6.msi PlayReady PC Runtime amd64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4339ACB9C6B56F4A937CAA523A9D440]C:\Windows\Installer\2425b.msi Power2Go [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E1FB04BE028D11795C00905C206085]c:\Windows\Installer\241eb.msi PowerDirector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\098990BCF5D15D11E99A0005AB3E711E]c:\Windows\Installer\241db.msi PowerRecover [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA0A2B44E214C8F40B851D8EEACCFD5F]c:\Windows\Installer\241b2.msi PowerStarter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\42C6FBF1DF1C10144AB2C065F4E9E897]c:\Windows\Installer\241d6.msi QuickTime 7 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C2CBC2D34D56364478BABBC258C9F1E3]C:\Windows\Installer\226a3478.msi Reader for PC [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3C2703A83AE8EDC43B24886EF7BA605E]C:\Windows\Installer\37a300f6.msi Seagate DiscWizard [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\410A2BF80B0A8D24E881A9CFA6E68241]C:\Windows\Installer\f0257f0.msi System Requirements Lab for Intel [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CF76017CF882B0E4886C44FDAD38112E]C:\Windows\Installer\10dc722.msi UPC Fiber Power Optimizer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DA141136AA97F7444B30127C403DB9C8]C:\Windows\Installer\2a749563.msi Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\Windows\Installer\1baed6.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B53C70A248384AD4A95944B2C6980A37]C:\Windows\Installer\1baf27.msi Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26ABA8B10F47DE741BC84A13825E198B]C:\Windows\Installer\1bae8a.msi Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\Windows\Installer\1baea9.msi Windows Live Language Selector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5E16A70DC95AC334CBDB2220F52A82B7]C:\Windows\Installer\1bae92.msi Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C55EC23CAB21159478799076DFFE55F6]C:\Windows\Installer\45a575.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\624365A647436C148B74243BF941582B]C:\Windows\Installer\1baf43.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\884FD4BEFEAAF6043A14BCA2AA13B509]C:\Windows\Installer\1baf0b.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D262DB9887B64540A5A4F5FE63C38B4]C:\Windows\Installer\1baf34.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6ACDB9A3563B764CA384963D73AFB3E]C:\Windows\Installer\1baeea.msi Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B292C385A83B0447A137070E0186AF4]C:\Windows\Installer\1baee6.msi Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\Windows\Installer\1baecd.msi Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\Windows\Installer\1baec9.msi Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\Windows\Installer\1bae96.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9FC52F6D78E4BE343B421CB29EDC6D86]C:\Windows\Installer\1baf23.msi ==== Empty Folders Check ====================== C:\PROGRA~2\PhotoInstrument deleted successfully C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\Package Cache deleted successfully C:\Users\Nelleke\AppData\Roaming\AccurateRip deleted successfully C:\Users\Nelleke\AppData\Roaming\DigitalSites deleted successfully C:\Users\Nelleke\AppData\Roaming\EncryptStick deleted successfully C:\Users\Nelleke\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Gast\AppData\Local\PDFC deleted successfully C:\Users\Nelleke\AppData\Local\cache deleted successfully C:\Users\Nelleke\AppData\Local\PDFC deleted successfully ==== Checking Systemdrive for Symlinks ====================== De volumenaam van station C is OS Het volumenummer is 3E77-1909 Map van C:\ 14-07-2009 06:08 Documents and Settings [C:\Users] 0 bestand(en) 0 bytes Map van C:\ProgramData 14-07-2009 06:08 Application Data [C:\ProgramData] 14-07-2009 06:08 Desktop [C:\Users\Public\Desktop] 14-07-2009 06:08 Documents [C:\Users\Public\Documents] 14-07-2009 06:08 Favorites [C:\Users\Public\Favorites] 14-07-2009 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14-07-2009 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users 14-07-2009 06:08 All Users [C:\ProgramData] 14-07-2009 06:08 Default User [C:\Users\Default] 0 bestand(en) 0 bytes Map van C:\Users\All Users 14-07-2009 06:08 Application Data [C:\ProgramData] 14-07-2009 06:08 Desktop [C:\Users\Public\Desktop] 14-07-2009 06:08 Documents [C:\Users\Public\Documents] 14-07-2009 06:08 Favorites [C:\Users\Public\Favorites] 14-07-2009 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14-07-2009 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Default 14-07-2009 06:08 Application Data [C:\Users\Default\AppData\Roaming] 14-07-2009 06:08 Local Settings [C:\Users\Default\AppData\Local] 14-07-2009 06:08 My Documents [C:\Users\Default\Documents] 14-07-2009 06:08 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 14-07-2009 06:08 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 14-07-2009 06:08 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 14-07-2009 06:08 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 14-07-2009 06:08 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 14-07-2009 06:08 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Local 14-07-2009 06:08 Application Data [C:\Users\Default\AppData\Local] 14-07-2009 06:08 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14-07-2009 06:08 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Default\Documents 14-07-2009 06:08 My Music [C:\Users\Default\Music] 14-07-2009 06:08 My Pictures [C:\Users\Default\Pictures] 14-07-2009 06:08 My Videos [C:\Users\Default\Videos] 0 bestand(en) 0 bytes Map van C:\Users\erik 17-03-2013 21:14 Application Data [C:\Users\erik\AppData\Roaming] 17-03-2013 21:14 Cookies [C:\Users\erik\AppData\Roaming\Microsoft\Windows\Cookies] 17-03-2013 21:14 Local Settings [C:\Users\erik\AppData\Local] 17-03-2013 21:14 Menu Start [C:\Users\erik\AppData\Roaming\Microsoft\Windows\Start Menu] 17-03-2013 21:14 Mijn documenten [C:\Users\erik\Documents] 17-03-2013 21:14 NetHood [C:\Users\erik\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 17-03-2013 21:14 Netwerkprinteromgeving [C:\Users\erik\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 17-03-2013 21:14 Recent [C:\Users\erik\AppData\Roaming\Microsoft\Windows\Recent] 17-03-2013 21:14 SendTo [C:\Users\erik\AppData\Roaming\Microsoft\Windows\SendTo] 17-03-2013 21:14 Sjablonen [C:\Users\erik\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\erik\AppData\Local 17-03-2013 21:14 Application Data [C:\Users\erik\AppData\Local] 17-03-2013 21:14 Geschiedenis [C:\Users\erik\AppData\Local\Microsoft\Windows\History] 17-03-2013 21:14 Temporary Internet Files [C:\Users\erik\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\erik\AppData\Roaming\Microsoft\Windows\Start Menu 17-03-2013 21:14 Programma's [C:\Users\erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\erik\Documents 17-03-2013 21:14 Mijn afbeeldingen [C:\Users\erik\Pictures] 17-03-2013 21:14 Mijn muziek [C:\Users\erik\Music] 17-03-2013 21:14 Mijn video's [C:\Users\erik\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Gast 09-06-2014 18:58 Application Data [C:\Users\Gast\AppData\Roaming] 09-06-2014 18:58 Cookies [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Cookies] 09-06-2014 18:58 Local Settings [C:\Users\Gast\AppData\Local] 09-06-2014 18:58 Menu Start [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu] 09-06-2014 18:58 Mijn documenten [C:\Users\Gast\Documents] 09-06-2014 18:58 NetHood [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 09-06-2014 18:58 Netwerkprinteromgeving [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 09-06-2014 18:58 Recent [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Recent] 09-06-2014 18:58 SendTo [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\SendTo] 09-06-2014 18:58 Sjablonen [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Gast\AppData\Local 09-06-2014 18:58 Application Data [C:\Users\Gast\AppData\Local] 09-06-2014 18:58 Geschiedenis [C:\Users\Gast\AppData\Local\Microsoft\Windows\History] 09-06-2014 18:58 Temporary Internet Files [C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu 09-06-2014 18:58 Programma's [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Gast\Documents 09-06-2014 18:58 Mijn afbeeldingen [C:\Users\Gast\Pictures] 09-06-2014 18:58 Mijn muziek [C:\Users\Gast\Music] 09-06-2014 18:58 Mijn video's [C:\Users\Gast\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Nelleke 15-01-2011 16:47 Application Data [C:\Users\Nelleke\AppData\Roaming] 15-01-2011 16:47 Cookies [C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Cookies] 15-01-2011 16:47 Local Settings [C:\Users\Nelleke\AppData\Local] 15-01-2011 16:47 Menu Start [C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu] 15-01-2011 16:47 Mijn documenten [C:\Users\Nelleke\Documents] 15-01-2011 16:47 NetHood [C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 15-01-2011 16:47 Netwerkprinteromgeving [C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 15-01-2011 16:47 Recent [C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Recent] 15-01-2011 16:47 SendTo [C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\SendTo] 15-01-2011 16:47 Sjablonen [C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Nelleke\AppData\Local 15-01-2011 16:47 Application Data [C:\Users\Nelleke\AppData\Local] 15-01-2011 16:47 Geschiedenis [C:\Users\Nelleke\AppData\Local\Microsoft\Windows\History] 15-01-2011 16:47 Temporary Internet Files [C:\Users\Nelleke\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu 15-01-2011 16:47 Programma's [C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Nelleke\Documents 15-01-2011 16:47 Mijn afbeeldingen [C:\Users\Nelleke\Pictures] 15-01-2011 16:47 Mijn muziek [C:\Users\Nelleke\Music] 15-01-2011 16:47 Mijn video's [C:\Users\Nelleke\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Public\Documents 14-07-2009 06:08 My Music [C:\Users\Public\Music] 14-07-2009 06:08 My Pictures [C:\Users\Public\Pictures] 14-07-2009 06:08 My Videos [C:\Users\Public\Videos] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser 13-12-2011 21:27 Application Data [C:\Users\UpdatusUser\AppData\Roaming] 13-12-2011 21:27 Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies] 13-12-2011 21:27 Local Settings [C:\Users\UpdatusUser\AppData\Local] 13-12-2011 21:27 Menu Start [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu] 13-12-2011 21:27 Mijn documenten [C:\Users\UpdatusUser\Documents] 13-12-2011 21:27 NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 13-12-2011 21:27 Netwerkprinteromgeving [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 13-12-2011 21:27 Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent] 13-12-2011 21:27 SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo] 13-12-2011 21:27 Sjablonen [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser\AppData\Local 13-12-2011 21:27 Application Data [C:\Users\UpdatusUser\AppData\Local] 13-12-2011 21:27 Geschiedenis [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History] 13-12-2011 21:27 Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu 13-12-2011 21:27 Programma's [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser\Documents 13-12-2011 21:27 Mijn afbeeldingen [C:\Users\UpdatusUser\Pictures] 13-12-2011 21:27 Mijn muziek [C:\Users\UpdatusUser\Music] 13-12-2011 21:27 Mijn video's [C:\Users\UpdatusUser\Videos] 0 bestand(en) 0 bytes Totaal aantal weergegeven bestanden: 0 bestand(en) 0 bytes 101 map(pen) 830.593.740.800 bytes beschikbaar ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} deleted successfully HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D1221A34-81CE-4B3D-81E4-7AED338CCC73} deleted successfully HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Classes\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ęTorrent Adobe AIR Adobe Flash Player 16 ActiveX Adobe Flash Player 16 NPAPI Adobe Reader XI (11.0.10) - Nederlands Adobe Refresh Manager Agatha Christie - Death on the Nile Apple Application Support Apple Mobile Device Support Apple Software Update Bejeweled 2 Deluxe Bejeweled 3 Blackhawk Striker 2 Bonjour Brother P-touch Address Book 1.1 Brother P-touch Editor 5.1 Brother P-touch Update Software Brother QL-Series Software User's Guide Browserinvoegtoepassingen voor Microsoft Office op aanvraag BurnAware Professional 7.1 CCleaner Check Point Deployment Shell Chuzzle Deluxe Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CollageIt 1.9.3 ConvertXtoDVD 4.0.9.322 CyberLink DVD Suite Deluxe D3DX10 Defraggler devolo dLAN Cockpit Dora's Carnival Adventure Dropbox DVD Menu Pack for HP MediaSmart Video DVD Shrink Pro Escape Rosecliff Island ESET Smart Security Express Burn Disc Burning Software Facebook Video Calling 3.1.0.521 Farmington Tales FATE Final Drive Nitro GemistDownloader Google Chrome Google Talk Plugin Google Update Helper HandBrake 0.9.6 Hewlett-Packard ACLM.NET v1.2.1.1 HP Advisor HP Customer Experience Enhancements HP Games HP MAINSTREAM KEYBOARD HP MediaSmart DVD HP MediaSmart Music HP MediaSmart Photo HP MediaSmart SmartMenu HP Odometer HP Product Detection HP Setup HP Support Assistant HP Support Information HP Update HP Vision Hardware Diagnostics iCloud ImgBurn (Remove Only) Intel(R) Management Engine Components Intel(R) Rapid Storage Technology iTunes Java 7 Update 71 Java Auto Updater Java(TM) 6 Update 26 (64-bit) Jewel Quest - Heritage LabelPrint LibreOffice 4.3.2.2 LightScribe Applications LightScribe System Software LightScribe Template Labeler Malwarebytes Anti-Malware versie 2.0.4.1028 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Access database engine 2010 (English) Microsoft Application Error Reporting Microsoft Office 365 - nl-nl Microsoft Office Klik-en-Klaar 2010 Microsoft Office Professional Plus 2013 - nl-nl Microsoft Office Starter 2010 - Nederlands Microsoft OneDrive Microsoft PowerPoint Viewer Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Web Publishing Wizard 1.52 MobileMe Control Panel More Games from HP Games Movie Theme Pack for HP MediaSmart Video Mozilla Firefox 35.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) MusicStation NVIDIA-configuratiescherm 331.82 NVIDIA Install Application NVIDIA PhysX NVIDIA Update 1.7.12 NVIDIA Update Components Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component ONES (E) OpenOffice 4.1.1 Penguins PhotoNow Picasa 3 Plants vs. Zombies PlayReady PC Runtime amd64 Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector PrintMaster QuickTime 7 Reader for PC Realtek High Definition Audio Driver Recovery Manager Remote Desktop Access (VuuPC) Seagate DiscWizard Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Softwarenetz Adressen3 Spotify System Requirements Lab for Intel TeamViewer 10 UPC Fiber Power Optimizer Verzoek of wijziging voorlopige aanslag 2014 Virtual Villagers - The Secret City VLC media player 1.0.1 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Messenger Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR Wireless LAN Driver and Utility YTD Video Downloader 4.8.6 Zuma Deluxe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IHProtect Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IHProtect Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\erik\AppData\Roaming\Mozilla\Firefox\Profiles\is1p0ty0.default ---- Lines irspeeddial removed from user.js ---- user_pref("extensions.irspeeddial.aflt", "fxtb103"); user_pref("extensions.irspeeddial.instlRef", ""); user_pref("extensions.irspeeddial.cr", "348314223"); user_pref("extensions.irspeeddial.cd", "2XzuyEtN2Y1L1QzuyC0CyCtByC0DyB0EyE0ByEzztCzytDzytN0D0Tzu0SyByDtDtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1Czu"); ---- FireFox user.js and prefs.js backups ---- user_22-01-2015_1536_.backup prefs_15-12-2013_2004_.backup prefs_22-01-2015_1536_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\7icxe948.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_22-01-2015_1536_.backup ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default ---- Lines irspeeddial removed from user.js ---- user_pref("extensions.irspeeddial.aflt", "fxtb103"); user_pref("extensions.irspeeddial.instlRef", ""); user_pref("extensions.irspeeddial.cr", "348314223"); user_pref("extensions.irspeeddial.cd", "2XzuyEtN2Y1L1QzuyC0CyCtByC0DyB0EyE0ByEzztCzytDzytN0D0Tzu0SyByDtDtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1Czu"); ---- FireFox user.js and prefs.js backups ---- user_22-01-2015_1536_.backup prefs_15-12-2013_2004_.backup prefs_22-01-2015_1536_.backup ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 user.js not found ---- Lines AtuZi removed from prefs.js ---- user_pref("extensions.AtuZi.aul", "1407781677168"); user_pref("extensions.AtuZi.irl", true); user_pref("extensions.AtuZi.is", "cbslugp8"); user_pref("extensions.AtuZi.ug", "30005699-63EA-431B-B31E-1FB56839C178"); ---- Lines Jotzey removed from prefs.js ---- user_pref("extensions.Jotzey.aul", "1393100407096"); user_pref("extensions.Jotzey.irl", true); user_pref("extensions.Jotzey.is", "cbslugp5"); user_pref("extensions.Jotzey.ug", "9CC327FF-670C-4E0E-906B-B2B9981DFA7F"); ---- Lines nspdl removed from prefs.js ---- user_pref("extensions.nspdl.aflt", "fxtb103"); user_pref("extensions.nspdl.cd", "2XzuyEtN2Y1L1QzuyC0CyCtByC0DyB0EyE0ByEzztCzytDzytN0D0Tzu0SyByDtDtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1Czu"); user_pref("extensions.nspdl.cr", "348314223"); user_pref("extensions.nspdl.data.instlDate", "20140119"); user_pref("extensions.nspdl.general.firstRun", false); user_pref("extensions.nspdl.general.guid", "44f52393-f0d4-4eb3-93b5-1512ce9bacb9"); user_pref("extensions.nspdl.general.version", "9.5.1"); ---- Lines irspeeddial removed from prefs.js ---- user_pref("extensions.irspeeddial.aflt", "fxtb103"); user_pref("extensions.irspeeddial.cd", "2XzuyEtN2Y1L1QzuyC0CyCtByC0DyB0EyE0ByEzztCzytDzytN0D0Tzu0SyByDtDtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1Czu"); user_pref("extensions.irspeeddial.cr", "348314223"); user_pref("extensions.irspeeddial.instlRef", ""); ---- Lines webssearch removed from prefs.js ---- user_pref("browser.search.defaultenginename", "webssearches"); user_pref("browser.search.searchengine.alias", "webssearches"); user_pref("browser.search.searchengine.iconURL", "http://istart.webssearches.com/web/favicon.ico"); user_pref("browser.search.searchengine.name", "webssearches"); user_pref("browser.search.searchengine.url", "http://istart.webssearches.com/web/?type=dspp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y&q={search user_pref("browser.search.selectedEngine", "webssearches"); user_pref("browser.startup.homepage", "http://istart.webssearches.com/?type=hppp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y"); ---- Lines mindspark removed from prefs.js ---- user_pref("extensions.toolbar.mindspark._12Members_.lastActivePing", "1418157660809"); user_pref("extensions.toolbar.mindspark._12Members_.weather.location", "10001"); user_pref("extensions.toolbar.mindspark.lastInstalled", "myscrapnook@mindspark.com"); ---- Lines quick_start removed from prefs.js ---- user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); user_pref("extensions.quick_start.enable_search1", false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); ---- FireFox user.js and prefs.js backups ---- prefs_15-12-2013_2004_.backup prefs_22-01-2015_1536_.backup ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default ---- Lines irspeeddial removed from user.js ---- user_pref("extensions.irspeeddial.aflt", "fxtb103"); user_pref("extensions.irspeeddial.instlRef", ""); user_pref("extensions.irspeeddial.cr", "348314223"); user_pref("extensions.irspeeddial.cd", "2XzuyEtN2Y1L1QzuyC0CyCtByC0DyB0EyE0ByEzztCzytDzytN0D0Tzu0SyByDtDtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1Czu"); ---- FireFox user.js and prefs.js backups ---- user_22-01-2015_1536_.backup prefs_15-12-2013_2004_.backup prefs_22-01-2015_1536_.backup ProfilePath: C:\Users\Nelleke\AppData\Roaming\Thunderbird\Profiles\2j53e4is.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_22-01-2015_1536_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\PROGRA~3\29119 deleted C:\PROGRA~3\HostIt deleted C:\Users\Nelleke\daemonprocess.txt deleted C:\Users\Nelleke\.android deleted C:\PROGRA~2\XTab deleted C:\PROGRA~2\GreenTree Applications deleted C:\Users\Nelleke\AppData\Roaming\WB.CFG deleted C:\Users\Nelleke\AppData\Roaming\VOPackage deleted C:\Users\Nelleke\AppData\Roaming\Wondershare deleted C:\Users\Nelleke\AppData\Roaming\burnaware.ini deleted C:\Users\Nelleke\AppData\Roaming\DVDSubEdit.ini deleted C:\Users\Nelleke\AppData\Roaming\AlawarEntertainment deleted C:\Users\Nelleke\AppData\Roaming\ParetoLogic deleted C:\PROGRA~3\IHProtectUpDate deleted C:\PROGRA~3\ParetoLogic deleted C:\PROGRA~3\YTD Video Downloader deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\InstallMate deleted C:\PROGRA~3\WindowsMangerProtect deleted C:\Users\Nelleke\AppData\Local\Wondershare deleted C:\Users\Nelleke\AppData\Local\iMesh deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage deleted C:\Users\Nelleke\AppData\LocalLow\SkwConfig.bin deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\tasks\LuckyTab deleted C:\Windows\tasks\Digital Sites.job deleted C:\Windows\tasks\FoxTab.job deleted C:\windows\SysNative\tasks\FoxTab deleted C:\windows\SysNative\tasks\YourFileDownloader Installer Starter deleted C:\windows\SysNative\drivers\{2c1d8860-89c9-450e-a117-95f496764507}Gw64.sys deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted C:\Users\erik\AppData\Roaming\Mozilla\Firefox\Profiles\is1p0ty0.default\extensions\staged deleted C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default\extensions\staged deleted C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\searchplugins\webssearches.xml deleted C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\jetpack deleted C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default\extensions\staged deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\nspdl deleted C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\InboxAce_1g deleted "C:\PROGRA~2\LuckyTab\LuckyTab.exe" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted "C:\PROGRA~2\LuckyTab" deleted "C:\PROGRA~2\COMMON~1\Wondershare" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 6104 MB CPU Info: Intel(R) Core(TM) i7 CPU 870 @ 2.93GHz CPU Speed: 2969.9 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 440 | NVIDIA GeForce GT 440 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; HP 2310 Series Wide LCD Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: hp CDDVDW TS-H653R Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 1384.1GB | D: 13.1GB | Q: 0.0MB | Z: 2794.4GB Hard Disks - Free: C: 773.5GB | D: 12.6GB | Q: 0.0MB | Z: 612.7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 11/05/10 | HPQOEM - 20101105 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI 2A9C Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: ESET Smart Security 4.0 On-access scanning disabled (Outdated) Anti-Spyware: ESET Smart Security 4.0 disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: ESET Persoonlijke firewall disabled Default Browser: Firefox 35.0 Internet Explorer Version: 11.0.9600.17501 Mozilla Firefox version: 35.0 (x86 nl) Google Chrome version: 39.0.2171.99 Adobe Reader version: 11.0.10.32 Sun Java version: 1.7.0_71 (32-bit) Sun Java version: 1.6.0_26 (64-bit) Flash Player version: 16.0.0.257 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Nelleke\AppData\Local\Temp ==== 2015-01-22 07:51:41 FA8C0C1B0060D285CA7ECD989F13CD0B 3966848 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\YourFileDownloaderdXAKs6ntX7.exe 2015-01-21 17:34:02 E9DFD666F8EC4DC76681CC25F0237A36 332299 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_64.exe 2015-01-21 17:33:37 F876CF6935CD9A4CE5B09699D645E53A 299520 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\sdf17C9.exe 2015-01-21 17:33:36 859B2571598147FC05A25A3F9AEA378E 212520 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\gFExxYgHS4.exe 2015-01-21 17:33:36 3C7FACA6BC554AA0EF70F6A3391D3535 319944 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\sFW06l1psA.exe 2015-01-21 17:33:36 16BD38FBAC1C9983F35EF48E014D63F8 583144 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\CUn1YCmHui.exe 2015-01-21 17:33:29 FA8C0C1B0060D285CA7ECD989F13CD0B 3966848 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\YourFileDownloaderWuDzjboRP7.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-01-18 12:41:58 FE48346938C1CDDDF4E4097DB9B99764 52224 ----a-w- C:\Windows\SysWOW64\nlaapi.dll 2015-01-18 12:41:58 92940397DFFB4D237EA5BB22FF912BDC 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll 2015-01-18 12:41:53 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-18 12:41:51 9606307F5E1EABA98ACB61206EFC2127 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-01-18 12:41:51 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-01-18 12:41:59 B6A58491307B4CADA572583D863DC602 210432 ----a-w- C:\Windows\Sysnative\profsvc.dll 2015-01-18 12:41:58 8B301D474B478E9A92823BAB50A7BC49 303616 ----a-w- C:\Windows\Sysnative\nlasvc.dll 2015-01-18 12:41:57 2A9C3ADBC3B9D061CACDEFFBED67683C 87040 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2015-01-18 12:41:53 0A70B8D78AF95894E221DDAC6482DF6D 5553592 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-01-18 12:41:51 F4846789B3795F14DCB7D92ED1DAF74F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-01-18 12:41:51 DE595EACC79006E7B15B848BF0831E78 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-01-18 12:41:51 BA6D609BAB615991E8791CA1DFFD034C 50176 ----a-w- C:\Windows\Sysnative\srclient.dll ====== C:\Windows\Sysnative\drivers ===== 2015-01-18 12:41:58 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys ====== C:\Windows\Tasks ====== 2015-01-21 19:18:16 9BDB3425309CE3FB782CE8DA39F031CB 3160 ----a-w- C:\Windows\Sysnative\Tasks\{004180C6-1A9F-4CA7-89B3-FD1C543E1B60} 2014-12-28 14:59:22 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Nelleke\AppData\Roaming ====== 2015-01-06 10:17:21 -------- d-----w- C:\Users\Nelleke\AppData\Local\pdfforge 2015-01-06 10:04:54 -------- d-----w- C:\Users\Nelleke\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant ====== C:\Users\Nelleke ====== 2015-01-22 08:55:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nelleke\Desktop\RSITx64.exe 2015-01-21 21:54:15 -------- d-----w- C:\Users\Nelleke\Start Menu 2015-01-07 12:10:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-01-07 12:08:28 -------- d-----w- C:\Users\Nelleke\Microsoft Office 15 ====== C: exe-files == 2015-01-22 08:55:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nelleke\Desktop\RSITx64.exe 2015-01-22 07:51:41 FA8C0C1B0060D285CA7ECD989F13CD0B 3966848 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\YourFileDownloaderdXAKs6ntX7.exe 2015-01-21 17:34:02 E9DFD666F8EC4DC76681CC25F0237A36 332299 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_64.exe 2015-01-21 17:33:37 F876CF6935CD9A4CE5B09699D645E53A 299520 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\sdf17C9.exe 2015-01-21 17:33:36 859B2571598147FC05A25A3F9AEA378E 212520 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\gFExxYgHS4.exe 2015-01-21 17:33:36 3C7FACA6BC554AA0EF70F6A3391D3535 319944 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\sFW06l1psA.exe 2015-01-21 17:33:36 16BD38FBAC1C9983F35EF48E014D63F8 583144 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\CUn1YCmHui.exe 2015-01-21 17:33:29 FA8C0C1B0060D285CA7ECD989F13CD0B 3966848 ----a-w- C:\Users\Nelleke\AppData\Local\Temp\YourFileDownloaderWuDzjboRP7.exe 2015-01-19 23:08:15 BA7DC0C9141BE7292CA7E744B6F19F26 897104 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.99\39.0.2171.99_39.0.2171.95_chrome_updater.exe === C: other files == 2015-01-18 12:41:58 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys ======== System Restore Points ======== RP726: 7-1-2015 3:00:10 - Windows Update RP727: 8-1-2015 3:00:11 - Windows Update RP728: 18-1-2015 13:41:43 - Windows Update RP729: 19-1-2015 18:42:12 - Windows Update RP731: 20-1-2015 4:44:12 - Windows Defender Checkpoint RP732: 22-1-2015 15:20:03 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "Facebook Update"="C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Spotify Web Helper"="C:\Users\Nelleke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" "Google Update"="C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /c" "SkyDrive"="C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "GoogleChromeAutoLaunch_DFC161AFDED13D691B64976BD858F0D5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Windows\CurrentVersion\runonce] "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "BATINDICATOR"="C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" "LaunchHPOSIAPP"="C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" "AppleSyncNotifier"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "DiscWizardMonitor.exe"="C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" "Reader Application Helper"="C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "Facebook Update"="C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Spotify Web Helper"="C:\Users\Nelleke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" "Google Update"="C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /c" "SkyDrive"="C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "GoogleChromeAutoLaunch_DFC161AFDED13D691B64976BD858F0D5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" "Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "Seagate Scheduler2 Service"="C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~3\\bitguard\\271832~1.68\\{16cdf~1\\loader.dll c:\\progra~3\\bitguard\\271769~1.27\\{16cdf~1\\loader.dll" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Nelleke\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="c:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" ==== Startup Folders ====================== 2014-01-07 21:18:25 1065 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [19-01-2015 19:53] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core.job --a------ C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 00:14] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA.job --a------ C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 00:14] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-12-2014 22:02] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-12-2014 22:02] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core.job --a------ C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe [08-02-2014 20:38] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA.job --a------ C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe [08-02-2014 20:38] C:\Windows\tasks\HPCeeScheduleForNelleke.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core" [C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA" [C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP-Online updateprogramma" [c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForNelleke" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPOSIAPP64" ["%ProgramFiles(x86)%\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe"] "C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{87CB33B6-B2AB-4BA6-B18B-C4C009689351}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\erik\AppData\Roaming\Mozilla\Firefox\Profiles\is1p0ty0.default user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "faststartff@gmail.com"="C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\extensions\faststartff@gmail.com" [21-01-2015 18:35] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default - Undetermined - %ProfilePath%\extensions\compatibility@addons.mozilla.org ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 - Undetermined - ffextension@weheartit.com - Undetermined - {2d3fbcf7-be69-4433-8858-c621a8d0e58d} - Undetermined - fftoolbar2014@etech.com - United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org - Fast Start - %ProfilePath%\extensions\faststartff@gmail.com - FF Toolbar - %ProfilePath%\extensions\fftoolbar2014@etech.com - Widevine Media Optimizer - %ProfilePath%\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} - YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi - Kalp Tuu - %ProfilePath%\extensions\ffextension@weheartit.com.xpi - Pin It Button - %ProfilePath%\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default - WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} ProfilePath: C:\Users\Nelleke\AppData\Roaming\Thunderbird\Profiles\2j53e4is.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 8560995C727974F27F2A1CE68909FEB9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll - Shockwave Flash D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013 D2377C9458EFEB094E38B8C874AA214C - C:\Users\Nelleke\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update 76EFD64CD206B93E2EB5320A23C19AD7 - C:\Users\Nelleke\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 2AB6A7F373290AE20A19CF5F306E8C97 - C:\Users\Nelleke\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Nelleke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 EECE85E006E195B1B227A8EB0874BDA8 - C:\Users\Nelleke\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll - Microsoft Office 2013 ==== Deleted Firefox Extensions ====================== C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\extensions\faststartff@gmail.com deleted ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.99 (Up to date, latest Stable version: 39.0.2171.99) Google Slides - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Wallet - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://istart.webssearches.com/?type=hppp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y" "Start Page Restore"="http://go.microsoft.com/fwlink/?LinkId=69157" "Search Page"="http://istart.webssearches.com/web/?type=dspp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" "Default_Search_URL"="http://istart.webssearches.com/web/?type=dspp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" "Default_Page_URL"="http://istart.webssearches.com/?type=hppp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://istart.webssearches.com/?type=hppp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y" "Start Page"="http://istart.webssearches.com/?type=hppp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1421861683&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1421861683&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://istart.webssearches.com/?type=hppp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y" "Start Page"="http://istart.webssearches.com/?type=hppp&ts=1421861775&from=exp&uid=ST31500341AS_9VS4JM6Y" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1421861683&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1421861683&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://istart.webssearches.com/web/?type=ds&ts=1421861683&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" "SearchAssistant"="http://istart.webssearches.com/web/?type=ds&ts=1421861683&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://istart.webssearches.com/web/?type=ds&ts=1421861683&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" "SearchAssistant"="http://istart.webssearches.com/web/?type=ds&ts=1421861683&from=exp&uid=ST31500341AS_9VS4JM6Y&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" "Start Page Restore"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\Nelleke\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Nelleke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Nelleke\Desktop\ConvertXtoDVD 4.lnk - C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe C:\Users\Nelleke\Desktop\Dropbox.lnk - C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Nelleke\Desktop\Handbrake.lnk - C:\Program Files (x86)\Handbrake\Handbrake.exe C:\Users\Nelleke\Desktop\Internet Explorer - Snelkoppeling.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer C:\Users\Nelleke\Desktop\Malwarebytes Anti-Malware - Snelkoppeling.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware C:\Users\Nelleke\Desktop\Muziek - Snelkoppeling.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Libraries\Music.library-ms C:\Users\Nelleke\Desktop\Pirate-1005 - Snelkoppeling.lnk - Z:\Proggie om te bewaren\om mp3 te downloaden\Pirate-1005.exe C:\Users\Nelleke\Desktop\Spotify.lnk - C:\Users\Nelleke\AppData\Roaming\Spotify\spotify.exe C:\Users\Nelleke\Desktop\Windows DVD Maker.lnk - C:\Users\Nelleke\Desktop\Etiket printer\P-touch Address Book 1.1.lnk - C:\Program Files (x86)\Brother\PtAdrBook11\AdrBook.exe C:\Users\Nelleke\Desktop\Etiket printer\P-touch Editor 5.0.lnk - C:\Program Files (x86)\Brother\Ptedit50\Ptedit50.exe C:\Users\Nelleke\Desktop\foto moi\IMG_3247 - Snelkoppeling.lnk - C:\Users\Nelleke\Pictures\foto's iphone\IMG_3247.JPG C:\Users\Nelleke\Desktop\labelprinter\P-touch Editor 5.1.lnk - C:\Program Files (x86)\Brother\Ptedit51\Ptedit51.exe C:\Users\Nelleke\Desktop\labelprinter\P-touch Update Software.lnk - C:\Program Files (x86)\Brother\PtUpdate\PtUpdater.exe C:\Users\Nelleke\Desktop\spelletjes\Bejeweled 3.lnk - C:\Program Files (x86)\Bejeweled 3\Bejeweled3.exe C:\Users\Nelleke\Desktop\spelletjes\Bejeweled Blitz.lnk - C:\Games\Bejeweled Blitz\BejBlitz.exe C:\Users\Nelleke\Desktop\Weheartit\DVD Shrink Pro.lnk - C:\Program Files (x86)\DVD Shrink Pro\DVDShrink.exe C:\Users\UpdatusUser\Desktop\Handbrake.lnk - C:\Program Files (x86)\Handbrake\Handbrake.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\BurnAware Professional.lnk - C:\Program Files (x86)\BurnAware Professional\BurnAware.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\CollageIt.lnk - C:\Program Files (x86)\CollageIt\CollageIt.exe C:\Users\Public\Desktop\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler64.exe C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\LightScribe.lnk - C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Public\Desktop\Reader for PC.lnk - C:\Program Files (x86)\Sony\ReaderDesktop\Reader.exe C:\Users\Public\Desktop\TeamViewer 10.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Get Lucky.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Help.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Uninstall.lnk - C:\Program Files (x86)\LuckyTab\LuckyTab.exe -uninstall C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\CD Audio Burn Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\CD Audio Rip Extractor.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Rip C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Crescendo Music Notation.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Crescendo C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Dictation Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Express C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\DJ Mixing Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Zulu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Multitrack Mixer.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind MixPad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Record to CD or Mp3 Wizard.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Golden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Switch C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Editor.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind WavePad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind RecordPad C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Streaming Audio Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind SoundTap C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Streaming Audio Server.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind BroadWave C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Text-to-Speech Reader.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Verbose C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Voice Changing Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Voxal C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Address Book 1.1 Help.lnk - C:\Program Files (x86)\Brother\PtAdrBook11\AdrBook.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Address Book 1.1.lnk - C:\Program Files (x86)\Brother\PtAdrBook11\AdrBook.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Editor 5.1 (Snap-modus).lnk - C:\Program Files (x86)\Brother\Ptedit51\Ptedit51.exe /snap C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Editor 5.1 Help.lnk - C:\Program Files (x86)\Brother\Ptedit51\ptedit51.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Editor 5.1.lnk - C:\Program Files (x86)\Brother\Ptedit51\Ptedit51.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Update Software.lnk - C:\Program Files (x86)\Brother\PtUpdate\PtUpdater.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Tools\P-touch Editor 5.1 Add-Ins Utility.lnk - C:\Program Files (x86)\Brother\Ptedit51\Addins\AddinSet.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Tools\P-touch Library 2.2.lnk - C:\Program Files (x86)\Brother\Ptedit51\PtLib22.exe /lib C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch\P-touch Tools\P-touch Transfer Manager 2.2.lnk - C:\Program Files (x86)\Brother\Ptedit51\PtLib22.exe /trn C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Agenda.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe calendar C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contactgegevens.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe contacts C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-mail.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe mail C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Herinneringen.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe reminders C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud-foto's.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notities.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe notes C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Zoek mijn iPhone.lnk - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe find C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\msaccess.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\excel.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\INFOPATH.EXE /design C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\INFOPATH.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\lync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive voor Bedrijven 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\GROOVE.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTE.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\outlook.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\powerpnt.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\mspub.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Verzenden naar OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTEM.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\winword.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Database Compare 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\client\AppVLP.exe "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\DATABASECOMPARE.EXE" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Lync opnamebeheer.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OcPubMgr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Office 2013 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\msouc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Spreadsheet Compare 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\client\AppVLP.exe "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\SPREADSHEETCOMPARE.EXE" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Taalvoorkeuren voor Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\SETLANG.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Telemetriedashboard voor Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\msotd.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Telemetrielogboek voor Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\msoev.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Base.lnk - C:\Program Files (x86)\OpenOffice 4\program\sbase.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Calc.lnk - C:\Program Files (x86)\OpenOffice 4\program\scalc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Draw.lnk - C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Impress.lnk - C:\Program Files (x86)\OpenOffice 4\program\simpress.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Math.lnk - C:\Program Files (x86)\OpenOffice 4\program\smath.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Writer.lnk - C:\Program Files (x86)\OpenOffice 4\program\swriter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Over QuickTime.lnk - C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\RichText.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deļnstalleren.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\QTPlayer.ico ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Users\erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY C:\Users\erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BurnAware Professional.lnk - C:\Program Files (x86)\BurnAware Professional\BurnAware.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CollageIt.lnk - C:\Program Files (x86)\CollageIt\CollageIt.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk - C:\Program Files (x86)\VSO\ConvertX\4\ConvertXtoDvd.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Shrink Pro.lnk - C:\Program Files (x86)\DVD Shrink Pro\DVDShrink.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk - C:\Program Files (x86)\ImgBurn\ImgBurn.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE /recycle C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\P-touch Address Book 1.1.lnk - C:\Program Files (x86)\Brother\PtAdrBook11\AdrBook.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\P-touch Editor 5.1.lnk - C:\Program Files (x86)\Brother\Ptedit51\Ptedit51.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\P-touch Update Software.lnk - C:\Program Files (x86)\Brother\PtUpdate\PtUpdater.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70f62c6a7f1739bd\pinned.lnk - C:\Windows\system32\rundll32.exe C:\Windows\system32\shell32.dll,Options_RunDLL 1 C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Bejeweled 3.lnk - C:\Program Files (x86)\Bejeweled 3\Bejeweled3.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Reader for PC.lnk - C:\Program Files (x86)\Sony\ReaderDesktop\Reader.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\µTorrent.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BurnAware Professional.lnk - C:\Program Files (x86)\BurnAware Professional\BurnAware.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink DVD Suite Deluxe.lnk - C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\DVDSubEdit.lnk - C:\Users\Nelleke\Desktop\DVDSubEdit.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\excel.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Handbrake.lnk - C:\Program Files (x86)\Handbrake\Handbrake.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ImgBurn.lnk - C:\Program Files (x86)\ImgBurn\ImgBurn.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\LightScribe Template Labeler.lnk - C:\Program Files (x86)\LightScribe Template Labeler\TemplateLabeler.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox (2).lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad (2).lnk - C:\Windows\system32\notepad.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ONES.LNK - C:\Program Files (x86)\ONES (E)\ONES.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\OpenOffice 4.1.1.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Power2Go.lnk - C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool (2).lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk - C:\Users\Nelleke\AppData\Roaming\Spotify\spotify.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sticky Notes.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows DVD Maker.lnk - C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe C:\Users\Nelleke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Uninstall List x64 ====================== ęTorrent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR] Adobe Flash Player 16 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Flash Player 16 NPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] Adobe Reader XI (11.0.10) - Nederlands [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AB0000000001}] Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001802114130}] Agatha Christie - Death on the Nile [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087420] Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}] Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}] Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] Bejeweled 2 Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087428] Bejeweled 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Bejeweled 31.0] Blackhawk Striker 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087328] Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] Brother P-touch Address Book 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2023017-DEE4-44F7-8A71-CA6084BF534C}] Brother P-touch Editor 5.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{39270390-A851-4E4B-94A9-D5C468216ED3}] Brother P-touch Update Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2CD781D5-774F-4574-8671-5957AF4F159D}] Brother QL-Series Software User's Guide [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A242CAB2-870C-4AC9-8AFE-34379D9383CD}] Brother QL-Series Software User's Guide [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{A242CAB2-870C-4AC9-8AFE-34379D9383CD}] Browserinvoegtoepassingen voor Microsoft Office op aanvraag [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browserinvoegtoepassingen voor Microsoft Office op aanvraag] BurnAware Professional 7.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BurnAware Professional_is1] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] Check Point Deployment Shell [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a3f91f0-9e94-45f2-923c-794cc156a027}] Chuzzle Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087453] Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] Cisco LEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51C7AD07-C3F6-4635-8E8A-231306D810FE}] Cisco PEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}] CollageIt 1.9.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D9757258-30B2-496E-86F2-84920C5858E1}_is1] ConvertXtoDVD 4.0.9.322 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1] CyberLink DVD Suite Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}] CyberLink DVD Suite Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}] D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}] Defraggler [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Defraggler] devolo dLAN Cockpit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\dlancockpit] dLAN Cockpit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A7172F1-66F1-603F-7E54-35EBB9F6E2EC}] Dora's Carnival Adventure [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087342] Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox] DVD Menu Pack for HP MediaSmart Video [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}] DVD Menu Pack for HP MediaSmart Video [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}] DVD Shrink Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVD Shrink Pro_is1] Escape Rosecliff Island [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087360] ESET Smart Security [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{55B549BB-9C46-4841-A4DE-F6594C47A05B}] Express Burn Disc Burning Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ExpressBurn] Facebook Video Calling 3.1.0.521 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2091F234-EB58-4B80-8C96-8EB78C808CF7}] Farmington Tales [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C7AE4A72-1A87-4FE5-91F0-4ADEA32E9DFF}_is1] FATE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087361] Final Drive Nitro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087362] GemistDownloader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GemistDownloader] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Talk Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] HandBrake 0.9.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HandBrake] Hewlett-Packard ACLM.NET v1.2.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] HP Advisor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}] HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] HP Games [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent hp Master Uninstall] HP MAINSTREAM KEYBOARD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}] HP MediaSmart DVD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DCCAD079-F92C-44DA-B258-624FC6517A5A}] HP MediaSmart DVD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}] HP MediaSmart Music [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}] HP MediaSmart Music [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}] HP MediaSmart Photo [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}] HP MediaSmart Photo [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}] HP MediaSmart SmartMenu [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5B08AF35-B699-4A44-BB89-3E51E70611E8}] HP MediaSmart Video [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D12E3E7F-1B13-4933-A915-16C7DD37A095}] HP MediaSmart Video [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}] HP Odometer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B8AC1A89-FFD1-4F97-8051-E505A160F562}] HP Product Detection [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A436F67F-687E-4736-BD2B-537121A804CF}] HP Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72D90DB3-A16A-4545-B555-868471101833}] HP Support Assistant [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}] HP Support Information [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}] HP Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE77FE3F-A33D-499A-87AD-5FC406617B40}] HP Vision Hardware Diagnostics [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D79A02E9-6713-4335-9668-AAC7474C0C0E}] iCloud [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{309768A4-A2BB-4930-A5A2-8169678C9B4C}] ImgBurn (Remove Only) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ImgBurn] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] Intel(R) Rapid Storage Technology [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}] iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}] Java 7 Update 71 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217071FF}] Java(TM) 6 Update 26 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86416026FF}] Jewel Quest - Heritage [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087374] LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] LibreOffice 4.3.2.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}] LightScribe Applications [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{61F25370-7465-4404-BE28-4629BF808699}] LightScribe System Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}] LightScribe Template Labeler [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43523FEF-9D8E-4572-BB11-0E914D366E0A}] Malwarebytes Anti-Malware versie 2.0.4.1028 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] Microsoft .NET Framework 4.5.1 (Nederlands) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043] Microsoft .NET Framework 4.5.1 (NLD) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033] Microsoft Office 365 - nl-nl [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\O365HomePremRetail - nl-nl] Microsoft Office Klik-en-Klaar 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.Click2Run] Microsoft Office Professional Plus 2013 - nl-nl [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ProPlusRetail - nl-nl] Microsoft OneDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneDriveSetup.exe] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}] Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}] Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Web Publishing Wizard 1.52 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebPost] MobileMe Control Panel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}] Movie Theme Pack for HP MediaSmart Video [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3023EBDA-BF1B-4831-B347-E5018555F26E}] Movie Theme Pack for HP MediaSmart Video [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}] Mozilla Firefox 35.0 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 35.0 (x86 nl)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}] MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}] MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}] MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}] MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{196467F1-C11F-4F76-858B-5812ADC83B94}] MusicStation [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E74E7F63-E70F-43f2-873F-35FB66F263B2}] NVIDIA-configuratiescherm 331.82 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel] NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8A809006-C25A-4A3A-9DAB-94659BCDB107}] NVIDIA Update 1.7.12 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update] ONES (E) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ONES(E)] OpenOffice 4.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{89FD914D-4472-4E4F-8638-69E857E82DC9}] Penguins [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087394] PhotoNow [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D36DD326-7280-11D8-97C8-000129760CBE}] PhotoNow [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}] Picasa 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Picasa 3] Plants vs. Zombies [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087501] PlayReady PC Runtime amd64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}] Poker Superstars III [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087395] Polar Bowler [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087396] Polar Golfer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087397] Power2Go [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}] Power2Go [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}] PowerDirector [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}] PowerDirector [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}] PrintMaster [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD144C1-5EAD-4D55-80A1-ACAF893A4FFE}] QuickTime 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}] Reader for PC [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8A3072C3-8EA3-4CDE-B342-88E67FAB06E5}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Recovery Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] Remote Desktop Access (VuuPC) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] Seagate DiscWizard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}] Softwarenetz Adressen3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adressen3] Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify] System Requirements Lab for Intel [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C71067FC-288F-4E0B-88C6-44DFDA8311E2}] TeamViewer 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer] UPC Fiber Power Optimizer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{631141AD-79AA-447F-B403-21C704D39B8C}] Verzoek of wijziging voorlopige aanslag 2014 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Verzoek of wijziging voorlopige aanslag 2014] Virtual Villagers - The Secret City [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087513] VLC media player 1.0.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A07C35B-8384-4DA4-9A95-442B6C89A073}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite] Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}] Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}] Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D07A61E5-A59C-433C-BCBD-22025FA2287B}] Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C32CE55C-12BA-4951-8797-0967FDEF556F}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6A563426-3474-41C6-B847-42B39F1485B2}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BD262D0-B788-4546-A0A5-F4F56EC3834B}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}] Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}] Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}] Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}] Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}] WinRAR [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] Wireless LAN Driver and Utility [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}] YTD Video Downloader 4.8.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}] Zuma Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WT087533] ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [DiscWizardMonitor.exe] "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" O4 - HKLM\..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Nelleke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DFC161AFDED13D691B64976BD858F0D5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" O4 - Global Startup: Event Reminder.lnk = C:\Program Files (x86)\Broderbund\PrintMaster\PMremind.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted IP range: http://192.168.1.1 O15 - ESC Trusted IP range: http://192.168.1.1 O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: devolo Network Service (DevoloNetworkService) - Unknown owner - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\11n USB Wireless LAN Utility\RtlService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Seagate - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [MS] iCloudServices = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [Apple Inc.] ApplePhotoStreams = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [Apple Inc.] Facebook Update = "C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [Facebook Inc.] Spotify Web Helper = "C:\Users\Nelleke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [Spotify Ltd] HPAdvisorDock = C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [Hewlett-Packard] Google Update = "C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe" /c [Google Inc.] SkyDrive = "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background [MS] iCloudDrive = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [Apple Inc.] GoogleChromeAutoLaunch_DFC161AFDED13D691B64976BD858F0D5 = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [Google Inc.] HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++} Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" [MS] Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" [MS] Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" [MS] Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" [MS] Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" [MS] Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" [MS] Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} hpsysdrv = c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [Hewlett-Packard] SmartMenu = C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [null data] egui = "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice [ESET] Seagate Scheduler2 Service = "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [Seagate] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\ {++} NCPluginUpdater = "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [null data] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} IAStorIcon = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [null data] BATINDICATOR = C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [Hewlett-Packard] LaunchHPOSIAPP = C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [Hewlett-Packard] AppleSyncNotifier = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [Apple Inc.] APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [Apple Inc.] DiscWizardMonitor.exe = "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" [Seagate] Reader Application Helper = C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [Sony Corporation] SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Oracle Corporation] iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [Apple Inc.] QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [Apple Inc.] Wondershare Helper Compact.exe = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [file not found] HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\ {89820200-ECBD-11cf-8B85-00AA005B4383}\(Default) = Web Platform Customizations \StubPath = C:\Windows\System32\ie4uinit.exe -UserConfig [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\(Default) = Lync Click to Call BHO -> {HKLM...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] -> {HKLM...Wow...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [MS] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO -> {HKLM...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [MS] -> {HKLM...Wow...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\(Default) = (no title provided) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre6\bin\jp2ssv.dll [Sun Microsystems, Inc.] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Oracle Corporation] {E76FD755-C1BA-4DCB-9F13-99BD91223ADE}\(Default) = HP Network Check Helper -> {HKLM...CLSID} = HP Network Check Helper \InProcServer32\(Default) = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [Hewlett-Packard] -> {HKLM...Wow...CLSID} = HP Network Check Helper \InProcServer32\(Default) = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [Hewlett-Packard] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\(Default) = Lync Click to Call BHO -> {HKLM...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] -> {HKLM...Wow...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [MS] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\ssv.dll [Oracle Corporation] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO -> {HKLM...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [MS] -> {HKLM...Wow...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\(Default) = (no title provided) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre6\bin\jp2ssv.dll [Sun Microsystems, Inc.] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Oracle Corporation] {E76FD755-C1BA-4DCB-9F13-99BD91223ADE}\(Default) = HP Network Check Helper -> {HKLM...CLSID} = HP Network Check Helper \InProcServer32\(Default) = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [Hewlett-Packard] -> {HKLM...Wow...CLSID} = HP Network Check Helper \InProcServer32\(Default) = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [Hewlett-Packard] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1\(Default) = {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -> {HKCU...CLSID} = UpToDateOverlayHandler Class \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] SkyDrive2\(Default) = {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -> {HKCU...CLSID} = SyncingOverlayHandler Class \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] SkyDrive3\(Default) = {BBACC218-34EA-4666-9D7A-C78F2274A524} -> {HKCU...CLSID} = ErrorOverlayHandler Class \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] SkyDrivePro1 (ErrorConflict)\(Default) = {8BA85C75-763B-4103-94EB-9470F12FE0F7} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro2 (SyncInProgress)\(Default) = {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro3 (InSync)\(Default) = {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] "DropboxExt1"\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt2"\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt3"\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt4"\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt5"\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt6"\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt7"\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] "DropboxExt8"\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1\(Default) = {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -> {HKCU...Wow...CLSID} = UpToDateOverlayHandler Class \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] SkyDrive2\(Default) = {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -> {HKCU...Wow...CLSID} = SyncingOverlayHandler Class \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] SkyDrive3\(Default) = {BBACC218-34EA-4666-9D7A-C78F2274A524} -> {HKCU...Wow...CLSID} = ErrorOverlayHandler Class \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] SkyDrivePro1 (ErrorConflict)\(Default) = {8BA85C75-763B-4103-94EB-9470F12FE0F7} -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] SkyDrivePro2 (SyncInProgress)\(Default) = {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] SkyDrivePro3 (InSync)\(Default) = {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {8BA85C75-763B-4103-94EB-9470F12FE0F7} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} = Microsoft SkyDrive Pro Browser Helper -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONFILTER.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office15\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office15\msoshext.dll [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\VISSHE.DLL [MS] {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes -> {HKLM...CLSID} = iTunes \InProcServer32\(Default) = C:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.] {087B3AE3-E237-4467-B8DB-5A38AB959AC9} = LibreOffice Infotip Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll [Apache Software Foundation] {3B092F0C-7696-40E3-A80F-68D74DA84210} = LibreOffice Thumbnail Viewer -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll [Apache Software Foundation] {63542C48-9552-494A-84F7-73AA6A7C99C1} = LibreOffice Property Sheet Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll [Apache Software Foundation] {AE424E85-F6DF-4910-A6A9-438797986431} = OpenOffice Property Handler -> {HKLM...CLSID} = OpenOffice Property Handler \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll [Apache Software Foundation] {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = LibreOffice Column Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll [Apache Software Foundation] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...Wow...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONFILTER.DLL [MS] {087B3AE3-E237-4467-B8DB-5A38AB959AC9} = OpenOffice Infotip Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation] {3B092F0C-7696-40E3-A80F-68D74DA84210} = OpenOffice Thumbnail Viewer -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation] {63542C48-9552-494A-84F7-73AA6A7C99C1} = OpenOffice Property Sheet Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation] {AE424E85-F6DF-4910-A6A9-438797986431} = OpenOffice Property Handler -> {HKLM...Wow...CLSID} = OpenOffice Property Handler \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl.dll [Apache Software Foundation] {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = OpenOffice Column Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\msoshext.dll [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...Wow...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...Wow...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\VISSHE.DLL [MS] {8BA85C75-763B-4103-94EB-9470F12FE0F7} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} = Microsoft SkyDrive Pro Browser Helper -> {HKLM...Wow...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = c:\progra~3\bitguard\271832~1.68\{16cdf~1\loader.dll c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll [file not found] HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ <> BootExecute = autocheck autochk *| [file not found]|sdnclean64.exe [file not found] HKCU\Software\Classes\*\shellex\ContextMenuHandlers\ SkyDriveEx\(Default) = {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} -> {HKCU...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] -> {HKCU...Wow...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ ESET Smart Security - Context Menu Shell Extension\(Default) = {B089FE88-FB52-11D3-BDF1-0050DA34150D} -> {HKLM...CLSID} = ESET Smart Security - Context Menu Shell Extension \InProcServer32\(Default) = C:\Program Files\ESET\ESET Smart Security\shellExt.dll [ESET] -> {HKLM...Wow...CLSID} = ESET Smart Security - Context Menu Shell Extension \InProcServer32\(Default) = C:\Program Files\ESET\ESET Smart Security\x86\shellExt.dll [ESET] PhotoStreamsExt\(Default) = {89D984B3-813B-406A-8298-118AFA3A22AE} -> {HKLM...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [Apple Inc.] -> {HKLM...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll [Apple Inc.] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext32.dll [Alexander Roshal] {C539A15A-3AF9-4c92-B771-50CB78F5C751}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [Seagate] -> {HKLM...Wow...CLSID} = Seagate DiscWizard Shell Context Menu Extension \InProcServer32\(Default) = C:\Program Files (x86)\Seagate\DiscWizard\tishell.dll [Seagate] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM...CLSID} = MBAMShlExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [Malwarebytes Corporation] HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\ SkyDriveEx\(Default) = {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} -> {HKCU...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] -> {HKCU...Wow...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext32.dll [Alexander Roshal] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext32.dll [Alexander Roshal] HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ SkyDriveEx\(Default) = {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} -> {HKCU...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] -> {HKCU...Wow...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Nelleke\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = OpenOffice Column Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll [Apache Software Foundation] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl.dll [Apache Software Foundation] {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ ESET Smart Security - Context Menu Shell Extension\(Default) = {B089FE88-FB52-11D3-BDF1-0050DA34150D} -> {HKLM...CLSID} = ESET Smart Security - Context Menu Shell Extension \InProcServer32\(Default) = C:\Program Files\ESET\ESET Smart Security\shellExt.dll [ESET] -> {HKLM...Wow...CLSID} = ESET Smart Security - Context Menu Shell Extension \InProcServer32\(Default) = C:\Program Files\ESET\ESET Smart Security\x86\shellExt.dll [ESET] MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM...CLSID} = MBAMShlExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [Malwarebytes Corporation] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext32.dll [Alexander Roshal] {C539A15A-3AF9-4c92-B771-50CB78F5C751}\(Default) = (no title provided) -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll [Seagate] -> {HKLM...Wow...CLSID} = Seagate DiscWizard Shell Context Menu Extension \InProcServer32\(Default) = C:\Program Files (x86)\Seagate\DiscWizard\tishell.dll [Seagate] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext32.dll [Alexander Roshal] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ EnableShellExecuteHooks = (REG_DWORD) dword:0x00000001 {unrecognized setting} NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\ DisableLockWorkstation = (REG_DWORD) dword:0x00000000 {unrecognized setting} DisableChangePassword = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ HideFastUserSwitching = (REG_DWORD) dword:0x00000000 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Nelleke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ BurnAware\ Provider = BurnAware InvokeProgID = BurnAwareOpen InvokeVerb = open HKLM\SOFTWARE\Classes\BurnAwareOpen\shell\open\command\(Default) = "C:\Program Files (x86)\BurnAware Professional\burnaware.exe" [Burnaware] ExpressBurn.AutoPlay\ Provider = Express Burn Disc Burning Software InvokeProgID = ExpressBurn.AutoPlay InvokeVerb = open HKLM\SOFTWARE\Classes\ExpressBurn.AutoPlay\shell\open\command\(Default) = C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe [NCH Software] HPMSDVDPlayDVDMovieOnArrival\ Provider = HP MediaSmart DVD InvokeProgID = DVD InvokeVerb = PlayWithHPMediaSmartDVD HKLM\SOFTWARE\Classes\DVD\shell\PlayWithHPMediaSmartDVD\Command\(Default) = "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe" AUTOPLAY MOVIE "%L" [CyberLink Corp.] HPMSDVDPlayVCDMovieOnArrival\ Provider = HP MediaSmart DVD InvokeProgID = VCD InvokeVerb = PlayWithHPMediaSmartDVD HKLM\SOFTWARE\Classes\VCD\shell\PlayWithHPMediaSmartDVD\Command\(Default) = "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe" AUTOPLAY MOVIE "%L" [CyberLink Corp.] iTunesBurnCDOnArrival\ Provider = iTunes InvokeProgID = iTunes.BurnCD InvokeVerb = burn HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.] iTunesImportSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ImportSongsOnCD InvokeVerb = import HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.] iTunesPlaySongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.PlaySongsOnCD InvokeVerb = play HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.] iTunesShowSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ShowSongsOnCD InvokeVerb = showsongs HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.] MediaSmartDVFilesArrival\ Provider = @C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\MUITransfer\HPEnvRes.dll,-101 ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe" video dv HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] MediaSmartPhotoPictureFilesArrival\ Provider = @C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\MUITransfer\HPEnvRes.dll,-101 InvokeProgID = Picture InvokeVerb = PlayWithMediaSmartPhoto HKLM\SOFTWARE\Classes\Picture\shell\PlayWithMediaSmartPhoto\Command\(Default) = "C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe" photo import "%L" [CyberLink Corp.] MediaSmartVideoFilesArrival\ Provider = @C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\MUITransfer\HPEnvRes.dll,-101 InvokeProgID = VideoFiles InvokeVerb = PlayWithMediaSmartVideo HKLM\SOFTWARE\Classes\VideoFiles\shell\PlayWithMediaSmartVideo\Command\(Default) = "C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe" video import "%L" [CyberLink Corp.] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] P2GCDBurningOnArrival\ Provider = Power2Go InvokeProgID = BlankCD InvokeVerb = OpenWithPower2Go HKLM\SOFTWARE\Classes\BlankCD\shell\OpenWithPower2Go\Command\(Default) = "c:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" "%L" [CyberLink Corp.] P2GDVDBurningOnArrival\ Provider = Power2Go InvokeProgID = BlankDVD InvokeVerb = OpenWithPower2Go HKLM\SOFTWARE\Classes\BlankDVD\shell\OpenWithPower2Go\Command\(Default) = "c:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" "%L" [CyberLink Corp.] PDirDVArrival\ Provider = PowerDirector ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe" /DV HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] Picasa2ImportPicturesOnArrival\ Provider = Picasa3 InvokeProgID = picasa2.autoplay InvokeVerb = import HKLM\SOFTWARE\Classes\picasa2.autoplay\shell\import\command\(Default) = "C:\Program Files (x86)\Google\Picasa3\Picasa3.exe" "%1" [Google Inc.] Power2GoPlayCDAudioOnArrival\ Provider = Power2Go InvokeProgID = AudioCD InvokeVerb = PlayWithPower2Go HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPower2Go\Command\(Default) = "c:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" /AudioRipper "%L" [CyberLink Corp.] PStarterBlankCDArrival\ Provider = DVD Suite Deluxe InvokeProgID = BlankCD InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\BlankCD\shell\OpenWithPowerStarter\Command\(Default) = "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe" "%L" [CyberLink Corp.] PStarterDVDBurningOnArrival\ Provider = DVD Suite Deluxe InvokeProgID = BlankDVD InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\BlankDVD\shell\OpenWithPowerStarter\Command\(Default) = "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe" "%L" [CyberLink Corp.] PStarterMixedCDArrival\ Provider = DVD Suite Deluxe InvokeProgID = MixedContent InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\MixedContent\shell\OpenWithPowerStarter\Command\(Default) = "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe" "%L" [CyberLink Corp.] PStarterMusicFilesArrival\ Provider = DVD Suite Deluxe InvokeProgID = MusicFiles InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\MusicFiles\shell\OpenWithPowerStarter\Command\(Default) = "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe" "%L" [CyberLink Corp.] PStarterPicturesArrival\ Provider = DVD Suite Deluxe InvokeProgID = Picture InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\Picture\shell\OpenWithPowerStarter\Command\(Default) = "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe" "%L" [CyberLink Corp.] PStarterVideoFilesArrival\ Provider = DVD Suite Deluxe InvokeProgID = VideoFiles InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\VideoFiles\shell\OpenWithPowerStarter\Command\(Default) = "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe" "%L" [CyberLink Corp.] VLCPlayCDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.CDAudio InvokeVerb = play HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\play\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file cdda://%1 [the VideoLAN Team] VLCPlayDVDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.DVDMovie InvokeVerb = play HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\play\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file dvd://%1 [the VideoLAN Team] WIA_{BEE6156E-FF18-4592-BA31-53457140584C}\ Provider = @C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\MUITransfer\HPEnvRes.dll,-101 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe.exe photo import wpd %1 %2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{F5C7F58A-12E5-4357-8B2F-5F8057D8EF70}\ Provider = @C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\MUITransfer\HPEnvRes.dll,-101 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe.exe video import wpd %1 %2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] Startup items in "Nelleke" & "All Users" startup folders: --------------------------------------------------------- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++} Event Reminder -> shortcut to: C:\Program Files (x86)\Broderbund\PrintMaster\PMremind.exe [TLC Multimedia Inc.] Windows Sidebar Gadgets: {++} ------------------------ C:\Users\Nelleke\AppData\Local\Microsoft\Windows Sidebar\Settings.ini "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CWeather.Gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CShared%20Gadgets%5CaswSidebar.gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CPower2Go.Gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CCalendar.Gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CWeather.Gadget" Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks Adobe Acrobat Update Task -> launches: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [Adobe Systems Incorporated] Adobe Flash Player Updater -> launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated] Adobe-online actualiseringsprogramma -> launches: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [Adobe Systems Incorporated] Apple Diagnostics -> launches: C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [Apple Inc.] FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core -> launches: C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver [Facebook Inc.] FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA -> launches: C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler [Facebook Inc.] Google Updater and Installer -> launches: C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core -> launches: C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA -> launches: C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] HP-Online updateprogramma -> launches: c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [Hewlett-Packard] HPCeeScheduleForNelleke -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForNelleke (null) [null data] HPOSIAPP64 -> launches: "%ProgramFiles(x86)%\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe" [null data] Java Update Scheduler -> launches: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [Oracle Corporation] Microsoft Office 15 Sync Maintenance for HPNelleke-Nelleke HPNelleke -> launches: C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [MS] User_Feed_Synchronization-{87CB33B6-B2AB-4BA6-B18B-C4C009689351} -> (HIDDEN!) launches: C:\Windows\system32\msfeedssync.exe sync [MS] {004180C6-1A9F-4CA7-89B3-FD1C543E1B60} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Nelleke\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp [MS] {055777FA-FE9A-4986-BBAD-063170EBDC26} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\IncrediMail\Bin\ImSetup.exe" -c /uninstallProduct /addon:incredimail [MS] {956B4BA9-5A05-4EA4-83F0-69B5C5CC03E8} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Nelleke\Desktop\zoek.scr -d C:\Users\Nelleke\Desktop -c /S [MS] {BB624FBD-AEA8-440E-834D-376F3420D897} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Nelleke\Desktop\zoek.pif -d C:\Users\Nelleke\Desktop [MS] {C2846005-DA07-4ADD-BA5C-056CAD1B252F} -> launches: C:\Windows\system32\pcalua.exe -a "Z:\Age of Enigma - Het Geheim van de Zesde Geest AF\Uninstall.exe" -d "Z:\Age of Enigma - Het Geheim van de Zesde Geest AF" [MS] {C83C8428-9652-463C-911D-9BFE2C5C55C7} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Nelleke\Desktop\CCleaner-DukeN-NL.exe -d "C:\Program Files (x86)\Mozilla Firefox" [MS] {F3810887-7551-40CF-AC60-5F98B1518D0B} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Xilisoft\DVD to iPad Converter 6\Uninstall.exe" [MS] C:\Windows\System32\Tasks\Apple AppleSoftwareUpdate -> launches: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.] C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant HP Support Assistant Quick Start -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart [null data] PC Health Analysis -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis [null data] PC Tuneup -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L TuneupTimer [null data] Update Check -> launches: C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe /s /p 1 [null data] WarrantyChecker_DeviceScan -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 [null data] C:\Windows\System32\Tasks\Microsoft\Office Office Automatic Updates -> launches: C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False [MS] Office Subscription Maintenance -> launches: C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [MS] OfficeTelemetryAgentFallBack -> launches: C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe scan upload mininterval:2880 [MS] OfficeTelemetryAgentLogOn -> launches: C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe scan upload [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS] Uploader -> launches: %windir%\system32\WSqmCons.exe -u [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] -> {HKLM...Wow...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance WinSAT -> launches: {A9A33436-678B-4C9C-A211-7CC38785E79D} -> {HKLM...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Media Center ActivateWindowsSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS] ConfigureInternetTimeService -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS] DispatchRecoveryTasks -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS] ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS] InstallPlayReady -> launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS] mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS] mcupdate_scheduled -> launches: %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 [MS] MediaCenterRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS] ObjectStoreRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS] OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS] OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS] PBDADiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS] PBDADiscoveryW1 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS] PBDADiscoveryW2 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS] PvrRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS] PvrScheduleTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS] RegisterSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS] ReindexSearchRoot -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS] SqlLiteRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS] StartRecording -> launches: %SystemRoot%\ehome\ehrec /StartRecording [MS] UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} -> {HKLM...CLSID} = HotStart User Agent \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI Lpksetup -> launches: C:\Windows\System32\lpksetup.exe -v [MS] LPRemove -> launches: %windir%\system32\lpremove.exe [MS] Mcbuilder -> launches: C:\Windows\System32\mcbuilder.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} -> {HKLM...CLSID} = GadgetsManager Class \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] -> {HKLM...Wow...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip IpAddressConflict1 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS] IpAddressConflict2 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS] ValidationTaskDeadline -> (HIDDEN!) launches: %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] -> {HKLM...Wow...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows Defender MP Scheduled Scan -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan [MS] C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1} -> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-2849121425-4159316806-1266491598-1001 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000008\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000009\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] 000000000010\LibraryPath = C:\Program Files (x86)\Bonjour\mdnsNSP.dll [Apple Inc.] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000008\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000009\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] 000000000010\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {25510184-5A38-4A99-B273-DCA8EEF6CD08}\ ButtonText = @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 MenuText = @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 Exec = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe [null data] {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Send to OneNote MenuText = Se&nd to OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll [MS] {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ ButtonText = Lync Click to Call MenuText = Lync Click to Call CLSIDExtension = {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> {HKLM...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = OneNote Lin&ked Notes MenuText = OneNote Lin&ked Notes CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {25510184-5A38-4A99-B273-DCA8EEF6CD08}\ ButtonText = @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 MenuText = @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 Exec = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe [null data] {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Send to OneNote MenuText = Se&nd to OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...Wow...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll [MS] {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ ButtonText = Lync Click to Call MenuText = Lync Click to Call CLSIDExtension = {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> {HKLM...Wow...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = OneNote Lin&ked Notes MenuText = OneNote Lin&ked Notes CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...Wow...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll [MS] Miscellaneous IE Hijack Points ------------------------------ HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\ <> InPrivate = res://ieframe.dll/inprivate_win7.htm [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated] Apple Mobile Device, Apple Mobile Device, "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.] Application Virtualization Client, sftlist, "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" [MS] Application Virtualization Service Agent, sftvsa, "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" [MS] Bonjour-service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.] Client Virtualization Handler, cvhsvc, "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" [MS] devolo Network Service, DevoloNetworkService, C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [null data] Easybits Services for Windows, ezSharedSvc, C:\Windows\System32\ezSharedSvcHost.exe [file not found] ESET Service, ekrn, "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" [ESET] HP Support Assistant Service, HP Support Assistant Service, "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [null data] Intel(R) Management & Security Application User Notification Service, UNS, "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [Intel Corporation] Intel(R) Management and Security Application Local Management Service, LMS, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [Intel Corporation] Intel(R) Rapid Storage Technology, IAStorDataMgrSvc, "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [null data] Internet Connection Sharing (ICS), SharedAccess, C:\Windows\System32\svchost.exe -k netsvcs {C:\Windows\System32\ipnathlp.dll [MS]} iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.] LightScribeService Direct Disc Labeling Service, LightScribeService, "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" [Hewlett-Packard Company] Microsoft Office ClickToRun Service, ClickToRunSvc, "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service [MS] NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation] Realtek Audio Service, RtkAudioService, C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [Realtek Semiconductor] Realtek11nSU, Realtek11nSU, C:\Program Files (x86)\11n USB Wireless LAN Utility\RtlService.exe [Realtek] Seagate Scheduler2 Service, SgtSch2Svc, "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe" [Seagate] TeamViewer 10, TeamViewer, "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" [TeamViewer GmbH] Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> CleanHlp, Driver <> CleanHlp.sys, Driver <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> CleanHlp, Driver <> CleanHlp.sys, Driver <> PEVSystemStart, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ Brother QL-570 Monitor\Driver = QL57L.DLL [Brother Industries, Ltd.] Journal Note Port\Driver = jnwmon.dll [MS] <>: Suspicious data at a browser hijack point. ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nelleke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\erik\AppData\Local\Mozilla\Firefox\Profiles\is1p0ty0.default\Cache emptied successfully C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\7icxe948.default\Cache emptied successfully C:\Users\Nelleke\AppData\Local\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Nelleke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1254 folders=408 177795622 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\erik\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\Nelleke\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Nelleke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found ==== EOF on do 22-01-2015 at 15:50:27,12 ======================