Zoek.exe v5.0.0.0 Updated 08-April-2015 Tool run by Sonja on zo 12/04/2015 at 11:59:31,17. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache\IE\1SMBN4MU\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-04-12-093304.log 82407 bytes ==== Running Processes ====================== C:\WINDOWS\system32\wininit.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\dwm.exe C:\WINDOWS\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\WINDOWS\system32\nvvsvc.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\WLANExt.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe C:\WINDOWS\system32\svchost.exe -k apphost C:\WINDOWS\system32\conhost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\WINDOWS\system32\dashost.exe C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe c:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\CppWindowsService.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files\Samsung\Samsung Link\Samsung Link.exe C:\Program Files\Samsung\Samsung Link\Samsung Link.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\WINDOWS\system32\conhost.exe C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\taskhostex.exe C:\WINDOWS\system32\taskeng.exe C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe C:\WINDOWS\Explorer.EXE C:\Program Files (x86)\iolo\System Mechanic\SystemGuardAlerter.exe C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\RuntimeBroker.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe C:\Program Files (x86)\Multifunctional Wireless Mouse Driver\StartMonitor.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Multifunctional Wireless Mouse Driver\KMProcess.exe C:\Windows\System32\SettingSyncHost.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\WINDOWS\system32\DllHost.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Windows\System32\skydrive.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wwahost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache\IE\1SMBN4MU\zoek.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe ==== Windows Installer Info ====================== 7-Zip 9.20 (x64 edition) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\96F071321C0420729002000010000000]C:\windows\Installer\1ca11.msi Adobe Acrobat Reader DC - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B744CAF070E41400]C:\WINDOWS\Installer\43a4510.msi Adobe Refresh Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA408033019195008120111403]C:\WINDOWS\Installer\a6205c3.msi AllShare Framework DMS [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\72C23238F3C85A44E92BBB171622A8DD]C:\WINDOWS\Installer\d593b0.msi Apple Application Support (32-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5ECDC744555FB924FB6A46C2C3D686F4]C:\WINDOWS\Installer\3b545.msi Apple Application Support (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6907FD0A517332468337C1AE66D6D61]C:\WINDOWS\Installer\3b56d.msi Apple Mobile Device Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6013214C586B6E849BDB4E9F1148E14B]C:\WINDOWS\Installer\3b587.msi Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B5A9879DD95AB419A50FCFA0B1B7EF]C:\WINDOWS\Installer\26ee66.msi AVerMedia TV Player [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D46F1DFD0FA22EC479257D108EF0D8C1]c:\windows\Installer\1ca15.msi Belgium e-ID middleware 4.0.7 (build 7466) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED365428DA576614D90C6B84F2024766]C:\WINDOWS\Installer\b74cab3.msi Bonjour [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B0163E6D0340BE4183EB2758E9BEDD8]C:\windows\Installer\1c9c6.msi Box Sync [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6EB209991541AB64EA9A311E5F14E37B]c:\WINDOWS\Installer\3adfb.msi Broadcom Bluetooth Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0964B1A0671E33540885394908EA1E0D]C:\WINDOWS\Installer\5b9f0f.msi Broadcom Bluetooth Software [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\30DE9D6CFCF60144C97B54AC82F5E911]c:\windows\Installer\1c99b.msi Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7810FB462D3FB89499AE61A39FEAE69C]C:\WINDOWS\Installer\8af2244.msi Cisco LEAP Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\70DA7C156F3C5364E8A83231608D01EF]C:\WINDOWS\Installer\8af2249.msi Cisco PEAP Module [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D6775DE4B957B64FA18F5D2497D6C04]C:\WINDOWS\Installer\8af224e.msi D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\windows\Installer\1ca34.msi DaisyTrail Water Garden Digikit [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F6C94AFE1136B6542B89B97970329B38]C:\WINDOWS\Installer\9a15a.msi DisableMSDefender [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0A93EF4767BFDC7448AB192EBB1BE72F]c:\windows\Installer\1ca9f.msi Energy Star [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D4ADA0CF5AF82544A8FF0F0AAB9CE77F]c:\windows\Installer\1c9da.msi Fitbit Connect [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A27E626D59DEA984B9B8B0A2B746A958]C:\WINDOWS\Installer\2866e7.msi Fotogalerie [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B3A4FB14A06D29E488F38CC8C8512716]C:\WINDOWS\Installer\ad8abd.msi Galerie de photos [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FF43B934E47F70845B2EB4575815ADB6]C:\WINDOWS\Installer\ad8a8b.msi Google Chrome [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B91169C5E7400336AD7FB3C2A12FD10]C:\WINDOWS\Installer\5071e.msi Google Drive [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B18863C615E01324D920FB129466D443]C:\WINDOWS\Installer\11c43d0.msi Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\18555481990E8AB4CBB63FB4F26006C0]C:\WINDOWS\Installer\43a4515.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\WINDOWS\Installer\4eb60c.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\WINDOWS\Installer\5ab4c9c.msi Hewlett-Packard ACLM.NET v1.2.2.3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\701043F6AA9F6C745BC43C1AF91155F3]C:\WINDOWS\Installer\5e8c68.msi HID OMNIKEY 3x2x PC/SC Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\50C667751EE9A344894880AF6715929F]C:\WINDOWS\Installer\f614f8b.msi HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0694AF70830BBE9498B1F95939A05A44]C:\windows\Installer\1c9bc.msi HP ENVY 4500 series Basissoftware van het apparaat [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\35BE2E7ED2AA860428248258D9BCC7A3]C:\WINDOWS\Installer\57677a6.msi HP ENVY 4500 series Help [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E5AED0E8C2283994D87439506DE11688]C:\WINDOWS\Installer\57677b8.msi HP Postscript Converter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6D6E41E65713A1E49B43AC5B8A3676DC]C:\windows\Installer\1c9cb.msi HP Quick Start [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7020F47589E8DC64F8971338849CC864]C:\windows\Installer\1ca03.msi HP Registration Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7D2F8E1D497754242B6878DE681C98C3]c:\windows\Installer\1c97d.msi HP Support Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\31B3A53EDC877694A88CAAF9AD96E3ED]C:\WINDOWS\Installer\5e8c63.msi HP Support Information [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C1B7B2BB8C7C674EBC24079135C9529]C:\windows\Installer\1caaa.msi HP Support Solutions Framework [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9CE21D69B027BF5409C4636D03A7C167]C:\WINDOWS\Installer\aa88b1.msi HP Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FC03D219E93F13B4DAA921C3B697E42E]C:\WINDOWS\Installer\57677b2.msi iCloud [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14D02E18772C625439D42F83A09FB187]C:\WINDOWS\Installer\23a79a4.msi IncrediMail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DE90FC180BF5A0E48AF3F015D4EDBACB]C:\WINDOWS\Installer\2325883e.msi Intel(R) Update Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16041921B9BE7EA4CAE7B0A806C7D74F]C:\WINDOWS\Installer\5aebd.msi Intel(R) WiDi [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCF4B8271E1F1145BA667D9FC19960E]C:\windows\Installer\1c7e3.msi Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CC3A00AF044783942A171F685FD04DD0]c:\windows\Installer\1c990.msi iTunes [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A565722D3300DA0498AB56A302C5CD11]C:\WINDOWS\Installer\3c5a7.msi Java 7 Update 76 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF230120767FF]C:\WINDOWS\Installer\33814c.msi Java 8 Update 31 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208130F]C:\WINDOWS\Installer\338156.msi LabelPrint [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C971C95CD8669A946BAE1012CCCF2134]c:\windows\Installer\1c9f1.msi Media Suite [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\42C6FBF1Df1C10144AB2C065F4E9E897]c:\windows\Installer\1c9ff.msi Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8DCB0F9E5DB67DE1DE3AF9FCA274A81A]C:\WINDOWS\Installer\3ae4cc.msi Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\windows\Installer\1ca25.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\WINDOWS\Installer\36730a.msi Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\windows\Installer\1ca3d.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\WINDOWS\Installer\1573a7.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\84b9c17023c712640acaf308593282f8]C:\windows\Installer\1c9a1.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\windows\Installer\1ca8f.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]C:\WINDOWS\Installer\402519.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\windows\Installer\1c9fb.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]c:\windows\Installer\1c9a6.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]c:\windows\Installer\1caa5.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]c:\WINDOWS\Installer\1573ad.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F9E66FF7E38E3A3FA41D89E8A906A4A]c:\WINDOWS\Installer\c6911.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\windows\Installer\1c9d0.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\windows\Installer\1ca95.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\WINDOWS\Installer\1573b3.msi Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]c:\windows\Installer\177ff.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\windows\Installer\15d24.msi Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C9F8B73BF303523781852719CD9C700]C:\WINDOWS\Installer\efda483.msi Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3AEB2FCAE628F23AAB933F1E743AB79]C:\WINDOWS\Installer\efda46b.msi Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C025571B2A687A53689168CD7369889B]C:\WINDOWS\Installer\efda4b3.msi Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC8A59DBF9D1DA5389A1E3975220E6BB]C:\WINDOWS\Installer\efda49b.msi Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\62DBF9290209B993A9A757D1160F9B24]C:\WINDOWS\Installer\ff84a.msi Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8D947A316B3EB3F8F540C548BE2AB9]C:\WINDOWS\Installer\ff845.msi Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\22BEFC8F7E2A1793E9ADB411DEFE1C58]C:\WINDOWS\Installer\34fdd4.msi Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21EE4A31AE32173319EEFE3BD6FDFFE3]C:\WINDOWS\Installer\34fdcf.msi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4BEA594979BAED93C82408E6FE57CE7A]c:\WINDOWS\Installer\ef420d3.msi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A95FF38022A7A3CBE8D50CBBABA178]c:\WINDOWS\Installer\ef420f3.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0F0FD3BE5250A5C42A8FED8C863A70D5]C:\WINDOWS\Installer\ad8af6.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\19B19C078E1660D4686D9ACD2C1989A3]C:\WINDOWS\Installer\ad8ac4.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\69A46712847638B4987EA70536FB51C6]C:\WINDOWS\Installer\ad8a92.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7205E5CD8E56BC1418C5A9BA84FB8B2E]C:\WINDOWS\Installer\ad8b28.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B4EB76DD26E75124FA3A1F328A003A98]C:\WINDOWS\Installer\ad8a60.msi MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\windows\Installer\1ca19.msi MSVCRT110 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8CDD41E806AE81E43B3E917301D4B5AD]C:\windows\Installer\1ca1c.msi MSVCRT110_amd64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F187AF9E08E3993428A5DAE3112CC877]C:\windows\Installer\1ca1f.msi NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A59E554B408BF9345B3333B66153EA79]C:\WINDOWS\Installer\194efb5b.msi Office 15 Click-to-Run Extensibility Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80000000000000000F01FEC]C:\WINDOWS\Installer\358b98.msi Office 15 Click-to-Run Licensing Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F80000000100000000F01FEC]C:\WINDOWS\Installer\358ae4.msi Office 15 Click-to-Run Localization Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80031400000000000F01FEC]C:\WINDOWS\Installer\358b1f.msi paint.net [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\33C2DB918A611DE49BAE9D3EB512CE24]C:\WINDOWS\Installer\632def.msi Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4FB8353CB5373F540BE95C140A704E8E]C:\WINDOWS\Installer\ad8b14.msi Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AEDBAD784A742814AAC7C209ADEA1371]C:\WINDOWS\Installer\ad8ab0.msi Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B9FB157332F56794AA26B14F7D19CDEF]C:\WINDOWS\Installer\ad8a7e.msi Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C2210D1B2EB62A7428EAB03B6F9CC194]C:\WINDOWS\Installer\ad8ae2.msi Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\048BED4F836BECB4CAB650E73FE10021]C:\WINDOWS\Installer\ad8b21.msi Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C8E69A6B88CF5F6408E086544BCA4A95]C:\WINDOWS\Installer\ad8aef.msi Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E66BAA708174D2242981A4BFC329A217]C:\WINDOWS\Installer\ad8989.msi PhotoDirector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\56573393E0336ba49AEACA180E27B001]c:\windows\Installer\1ca99.msi Power2Go [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D84D78A2FDF3df1479DC1A3E07FEFF2E]c:\windows\Installer\1c9d4.msi PowerDirector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2D6F4B0BEA2FA1544969F6F2A698B723]c:\windows\Installer\1c9de.msi PowerDVD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DE532CED4A8571542A874CE1D8EABAB3]c:\windows\Installer\1c9ec.msi PowerRecover [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA0A2B44E214C8F40B851D8EEACCFD5F]c:\windows\Installer\1c9ad.msi Productverbeteringsonderzoek voor HP ENVY 4500 series [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\051D1B0A7759C9F4F97CDA58756CDBCF]C:\WINDOWS\Installer\57677ac.msi QuickTime 7 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C2CBC2D34D56364478BABBC258C9F1E3]C:\WINDOWS\Installer\7c194279.msi Samsung Kies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1038C85769625584FA5435B4210089A0]C:\WINDOWS\Installer\241fa1b0.msi Samsung Kies3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\37074588665C59840950BE9EE83A7F7C]C:\WINDOWS\Installer\a5c0d01.msi Serif CraftArtist 2 Professional [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7748EB0D60268854188479E1AD6BBBDA]C:\WINDOWS\Installer\4449608.msi Serif PagePlus X5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3859C17347158FC41BD04D3CAAE7C80D]C:\WINDOWS\Installer\470acc.msi Serif PagePlus: Business Card Template Pack 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9663C4A1EFDB0FE41980AE0F17283FB6]C:\WINDOWS\Installer\470ad5.msi Serif PagePlus: Home Stationery Template Pack - Fishing [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F3CA53ABE266BA64BB27FB48DE3433A5]C:\WINDOWS\Installer\470acf.msi Serif PagePlus: Menu Template Pack 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3BB3B1FB5AA4C3A4FA63CDEA4FA74E6F]C:\WINDOWS\Installer\470ad8.msi Serif PagePlus: Poster Template Pack 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6D989165EEB1D25438EFE6A88BF043A1]C:\WINDOWS\Installer\470ad2.msi Visual Studio 2012 x64 Redistributables [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\07E577C8197A8AD4CB3CA67B31F64448]C:\WINDOWS\Installer\b7d187.msi Visual Studio 2012 x86 Redistributables [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A91FFE89BA03B4E49B340FB6C136BE8F]C:\WINDOWS\Installer\b7d182.msi Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C842F99B3B4B16D4F9CFEA951A1F7332]C:\WINDOWS\Installer\ad8a72.msi Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\80316C14DFC645D4BAA61763DE801AE8]C:\WINDOWS\Installer\ad8922.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A036F8F98765D446835B37269C93F73]C:\WINDOWS\Installer\ad8ad6.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8123326675AC2BA4AB349AA74A369506]C:\WINDOWS\Installer\ad8aa4.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B9A509B147BE07C48BB1F544C6715866]C:\WINDOWS\Installer\ad8b08.msi Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C18BC956E45B1FD46B813F757793A345]C:\WINDOWS\Installer\ad8905.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4B2346D1D42EE5044ABA7D6E0D88BC9C]C:\WINDOWS\Installer\ad895a.msi Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A8F1162B7EFE88E478D5910FFEEA784E]C:\WINDOWS\Installer\ad892c.msi Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00BA1CDCFF107CF418A6616CF790320C]C:\WINDOWS\Installer\ad8914.msi Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0003981D77AEC394D8DD2E2634E659B9]C:\WINDOWS\Installer\ad890c.msi Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C8BD9F007D5674D4BAF56F89EE8385D0]C:\WINDOWS\Installer\ad893d.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\54B170CFF5A4F804298FD4D996E368F6]C:\WINDOWS\Installer\ad8a9a.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9222330A7FE463A4EA8D5E78E62BFD68]C:\WINDOWS\Installer\ad8acc.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A0B2C0921EEC55F4BA645417CE10AD69]C:\WINDOWS\Installer\ad8afe.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DE299B33B95B52E4F9F3FCD297BB9A41]C:\WINDOWS\Installer\ad8a68.msi YouCam [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8994BF104C33134458DE70E9E3FE7ED5]C:\windows\Installer\1ca0c.msi ==== Empty Folders Check ====================== C:\PROGRA~3\ioloGovernor deleted successfully ==== Checking Systemdrive for Symlinks ====================== Volume in drive C is Windows Volume Serial Number is 20CE-B83B Directory of C:\ 22/08/2013 16:45 Documents and Settings [C:\Users] 0 File(s) 0 bytes Directory of C:\Program Files\Windows NT 30/11/2014 12:23 Bureau-accessoires [C:\Program Files\Windows NT\Accessories] 0 File(s) 0 bytes Directory of C:\ProgramData 22/08/2013 16:45 Application Data [C:\ProgramData] 06/04/2014 09:29 Bureaublad [C:\Users\Public\Desktop] 22/08/2013 16:45 Desktop [C:\Users\Public\Desktop] 06/04/2014 09:29 Documenten [C:\Users\Public\Documents] 22/08/2013 16:45 Documents [C:\Users\Public\Documents] 06/04/2014 09:29 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 06/04/2014 09:29 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 16:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 16:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\ProgramData\Microsoft\Windows\Start Menu 06/04/2014 09:29 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\ProgramData\Oracle\Java\javapath 01/02/2015 09:27 java.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe] 01/02/2015 09:27 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe] 01/02/2015 09:27 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe] 3 File(s) 0 bytes Directory of C:\SYSTEM.SAV\LOGS\SymLogs 21/06/2013 08:52 cclog [C:\$SysReset\Image\Users\Public\Symantec\SymSilent\cclog] 0 File(s) 0 bytes Directory of C:\Users 22/08/2013 16:45 All Users [C:\ProgramData] 22/08/2013 16:45 Default User [C:\Users\Default] 0 File(s) 0 bytes Directory of C:\Users\Administrator 30/11/2014 11:47 Application Data [C:\Users\Administrator\AppData\Roaming] 30/11/2014 11:47 Cookies [C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCookies] 30/11/2014 11:47 Local Settings [C:\Users\Administrator\AppData\Local] 30/11/2014 11:47 Menu Start [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu] 30/11/2014 11:47 Mijn documenten [C:\Users\Administrator\Documents] 30/11/2014 11:47 NetHood [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 30/11/2014 11:47 Netwerkprinteromgeving [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 30/11/2014 11:47 Recent [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent] 30/11/2014 11:47 SendTo [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo] 30/11/2014 11:47 Sjablonen [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Administrator\AppData\Local 30/11/2014 11:47 Application Data [C:\Users\Administrator\AppData\Local] 30/11/2014 11:47 Geschiedenis [C:\Users\Administrator\AppData\Local\Microsoft\Windows\History] 30/11/2014 11:47 Temporary Internet Files [C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Administrator\AppData\Local\Microsoft\Windows 30/11/2014 11:47 Temporary Internet Files [C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu 30/11/2014 11:47 Programma's [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Administrator\Documents 30/11/2014 11:47 Mijn afbeeldingen [C:\Users\Administrator\Pictures] 30/11/2014 11:47 Mijn muziek [C:\Users\Administrator\Music] 30/11/2014 11:47 Mijn video's [C:\Users\Administrator\Videos] 0 File(s) 0 bytes Directory of C:\Users\All Users 22/08/2013 16:45 Application Data [C:\ProgramData] 06/04/2014 09:29 Bureaublad [C:\Users\Public\Desktop] 22/08/2013 16:45 Desktop [C:\Users\Public\Desktop] 06/04/2014 09:29 Documenten [C:\Users\Public\Documents] 22/08/2013 16:45 Documents [C:\Users\Public\Documents] 06/04/2014 09:29 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 06/04/2014 09:29 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 16:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 16:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\All Users\Microsoft\Windows\Start Menu 06/04/2014 09:29 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\All Users\Oracle\Java\javapath 01/02/2015 09:27 java.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe] 01/02/2015 09:27 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe] 01/02/2015 09:27 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe] 3 File(s) 0 bytes Directory of C:\Users\Default 22/08/2013 16:45 Application Data [C:\Users\Default\AppData\Roaming] 22/08/2013 16:45 Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies] 22/08/2013 16:45 Local Settings [C:\Users\Default\AppData\Local] 30/11/2014 12:23 Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 30/11/2014 12:23 Mijn documenten [C:\Users\Default\Documents] 22/08/2013 16:45 My Documents [C:\Users\Default\Documents] 22/08/2013 16:45 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 30/11/2014 12:23 Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 16:45 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 16:45 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 22/08/2013 16:45 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 30/11/2014 12:23 Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 22/08/2013 16:45 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 22/08/2013 16:45 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local 22/08/2013 16:45 Application Data [C:\Users\Default\AppData\Local] 30/11/2014 12:23 Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 16:45 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 16:45 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local\Microsoft\Windows 22/08/2013 16:45 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 30/11/2014 12:23 Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Default\Documents 30/11/2014 12:23 Mijn afbeeldingen [C:\Users\Default\Pictures] 30/11/2014 12:23 Mijn muziek [C:\Users\Default\Music] 30/11/2014 12:23 Mijn video's [C:\Users\Default\Videos] 22/08/2013 16:45 My Music [C:\Users\Default\Music] 22/08/2013 16:45 My Pictures [C:\Users\Default\Pictures] 22/08/2013 16:45 My Videos [C:\Users\Default\Videos] 0 File(s) 0 bytes Directory of C:\Users\Default.migrated 06/04/2014 09:29 Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 06/04/2014 09:29 Mijn documenten [C:\Users\Default\Documents] 06/04/2014 09:29 Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 06/04/2014 09:29 Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default.migrated\AppData\Local 06/04/2014 09:29 Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 0 File(s) 0 bytes Directory of C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu 06/04/2014 09:29 Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Default.migrated\Documents 06/04/2014 09:29 Mijn afbeeldingen [C:\Users\Default\Pictures] 06/04/2014 09:29 Mijn muziek [C:\Users\Default\Music] 06/04/2014 09:29 Mijn video's [C:\Users\Default\Videos] 26/07/2012 09:22 My Music [C:\$SysReset\Image\Users\Default\Music] 26/07/2012 09:22 My Pictures [C:\$SysReset\Image\Users\Default\Pictures] 26/07/2012 09:22 My Videos [C:\$SysReset\Image\Users\Default\Videos] 0 File(s) 0 bytes Directory of C:\Users\Gast 30/11/2014 11:47 Application Data [C:\Users\Gast\AppData\Roaming] 30/11/2014 11:47 Cookies [C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCookies] 30/11/2014 11:47 Local Settings [C:\Users\Gast\AppData\Local] 30/11/2014 11:47 Menu Start [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu] 30/11/2014 11:47 Mijn documenten [C:\Users\Gast\Documents] 30/11/2014 11:47 NetHood [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 30/11/2014 11:47 Netwerkprinteromgeving [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 30/11/2014 11:47 Recent [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Recent] 30/11/2014 11:47 SendTo [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\SendTo] 30/11/2014 11:47 Sjablonen [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Gast\AppData\Local 30/11/2014 11:47 Application Data [C:\Users\Gast\AppData\Local] 30/11/2014 11:47 Geschiedenis [C:\Users\Gast\AppData\Local\Microsoft\Windows\History] 30/11/2014 11:47 Temporary Internet Files [C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Gast\AppData\Local\Microsoft\Windows 30/11/2014 11:47 Temporary Internet Files [C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu 30/11/2014 11:47 Programma's [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Gast\Documents 30/11/2014 11:47 Mijn afbeeldingen [C:\Users\Gast\Pictures] 30/11/2014 11:47 Mijn muziek [C:\Users\Gast\Music] 30/11/2014 11:47 Mijn video's [C:\Users\Gast\Videos] 0 File(s) 0 bytes Directory of C:\Users\Paul 30/11/2014 11:47 Application Data [C:\Users\Paul\AppData\Roaming] 30/11/2014 11:47 Cookies [C:\Users\Paul\AppData\Local\Microsoft\Windows\INetCookies] 30/11/2014 11:47 Local Settings [C:\Users\Paul\AppData\Local] 30/11/2014 11:47 Menu Start [C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu] 30/11/2014 11:47 Mijn documenten [C:\Users\Paul\Documents] 30/11/2014 11:47 NetHood [C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 30/11/2014 11:47 Netwerkprinteromgeving [C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 30/11/2014 11:47 Recent [C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Recent] 30/11/2014 11:47 SendTo [C:\Users\Paul\AppData\Roaming\Microsoft\Windows\SendTo] 30/11/2014 11:47 Sjablonen [C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Paul\AppData\Local 30/11/2014 11:47 Application Data [C:\Users\Paul\AppData\Local] 30/11/2014 11:47 Geschiedenis [C:\Users\Paul\AppData\Local\Microsoft\Windows\History] 30/11/2014 11:47 Temporary Internet Files [C:\Users\Paul\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Paul\AppData\Local\Microsoft\Windows 30/11/2014 11:47 Temporary Internet Files [C:\Users\Paul\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu 30/11/2014 11:47 Programma's [C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Paul\Documents 30/11/2014 11:47 Mijn afbeeldingen [C:\Users\Paul\Pictures] 30/11/2014 11:47 Mijn muziek [C:\Users\Paul\Music] 30/11/2014 11:47 Mijn video's [C:\Users\Paul\Videos] 0 File(s) 0 bytes Directory of C:\Users\Public\Documents 06/04/2014 09:29 Mijn afbeeldingen [C:\Users\Public\Pictures] 06/04/2014 09:29 Mijn muziek [C:\Users\Public\Music] 06/04/2014 09:29 Mijn video's [C:\Users\Public\Videos] 22/08/2013 16:45 My Music [C:\Users\Public\Music] 22/08/2013 16:45 My Pictures [C:\Users\Public\Pictures] 22/08/2013 16:45 My Videos [C:\Users\Public\Videos] 0 File(s) 0 bytes Directory of C:\Users\Sonja 30/11/2014 11:47 Application Data [C:\Users\Sonja\AppData\Roaming] 30/11/2014 11:47 Cookies [C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCookies] 30/11/2014 11:47 Local Settings [C:\Users\Sonja\AppData\Local] 30/11/2014 11:47 Menu Start [C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu] 30/11/2014 11:47 Mijn documenten [C:\Users\Sonja\Documents] 30/11/2014 11:47 NetHood [C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 30/11/2014 11:47 Netwerkprinteromgeving [C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 30/11/2014 11:47 Recent [C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Recent] 30/11/2014 11:47 SendTo [C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\SendTo] 30/11/2014 11:47 Sjablonen [C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Sonja\AppData\Local 30/11/2014 11:47 Application Data [C:\Users\Sonja\AppData\Local] 30/11/2014 11:47 Geschiedenis [C:\Users\Sonja\AppData\Local\Microsoft\Windows\History] 30/11/2014 11:47 Temporary Internet Files [C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Sonja\AppData\Local\Microsoft\Windows 30/11/2014 11:47 Temporary Internet Files [C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu 30/11/2014 11:47 Programma's [C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Sonja\Documents 30/11/2014 11:47 Mijn afbeeldingen [C:\Users\Sonja\Pictures] 30/11/2014 11:47 Mijn muziek [C:\Users\Sonja\Music] 30/11/2014 11:47 Mijn video's [C:\Users\Sonja\Videos] 0 File(s) 0 bytes Total Files Listed: 6 File(s) 0 bytes 141 Dir(s) 839ÿ815ÿ761ÿ920 bytes free ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 7-Zip 9.20 (x64 edition) Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 17 NPAPI Adobe Refresh Manager AllShare Framework DMS Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update AVerMedia TV Player Bejeweled© 3 Belgium e-ID middleware 4.0.7 (build 7466) Bonjour Box Sync Broadcom 802.11 Network Adapter Broadcom Bluetooth Drivers Broadcom Bluetooth Software CCleaner Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CyberLink LabelPrint CyberLink Media Suite 10 Cyberlink PhotoDirector CyberLink Power2Go 8 CyberLink PowerDirector 10 CyberLink PowerDVD CyberLink YouCam D3DX10 DaisyTrail Water Garden Digikit De SimsT 3 De SimsT 4 De SimsT 4 Cre‰er-een-Sim Demo DisableMSDefender Dropbox Duplicate Cleaner Free 3.2.4 EasyDuplicateFinder v4.7 Energy Star EnterImage 3.0 Facebook Video Calling 3.1.0.521 File Type Advisor 1.6 Fitbit Connect Fotogalerie Free M4a to MP3 Converter 8.3 Funny Photo Maker 2.4.2 Galerie de photos GIMP 2.8.10 Google Chrome Google Cloudprinter Google Drive Google Toolbar for Internet Explorer Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 HID OMNIKEY 3x2x PC/SC Driver HP Connected Music (Meridian - installer) HP Connected Music (Meridian - player) HP Customer Experience Enhancements HP ENVY 4500 series Basissoftware van het apparaat HP ENVY 4500 series Help HP Photo Creations HP Postscript Converter HP Quick Start HP Registration Service HP Support Information HP Support Solutions Framework HP Update HPDetect iCloud IncrediMail Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel(R) Update Manager Intel(R) WiDi Intel© Trusted Connect Service Client IObit Uninstaller IObit Unlocker iolo technologies' System Mechanic iTunes iTunes Agent 1.3.4 Java 7 Update 76 Java 8 Update 31 K-Lite Codec Pack 9.3.0 (Basic) LastPass (alleen de‹nstalleren) Malwarebytes Anti-Malware versie 2.0.4.1028 Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl Microsoft OneDrive Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Movie Maker Mozilla Firefox 36.0.4 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT110 MSVCRT110_amd64 Multifunctional Wireless Mouse Driver MyFreeCodec NVIDIA 3D Vision controllerstuurprogramma 344.11 NVIDIA 3D Vision stuurprogramma 344.11 NVIDIA GeForce Experience 2.1.2 NVIDIA Grafisch stuurprogramma 344.11 NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.14.0702 NVIDIA Stereoscopic 3D Driver Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Origin paint.net PC Drukkerij Wenskaarten & Uitnodigingen Peggle Photo Common Photo Gallery Picasa 3 PowerISO Productverbeteringsonderzoek voor HP ENVY 4500 series QuickTime 7 Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Recovery Manager Revo Uninstaller 1.95 Samsung Kies3 Samsung Link 2.0.0.1503181422 SAMSUNG USB Driver for Mobile Phones Serif PagePlus X5 Serif PagePlus: Business Card Template Pack 1 Serif PagePlus: Home Stationery Template Pack - Fishing Serif PagePlus: Menu Template Pack 1 Serif PagePlus: Poster Template Pack 1 Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Wifi-fikser versie 1.0 Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR 5.10 (64-bit) ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Sonja\AppData\Roaming\iolo deleted C:\Users\Sonja\AppData\Roaming\ProductData deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 6015 MB CPU Info: Intel(R) Core(TM) i5-3330S CPU @ 2.70GHz CPU Speed: 2727,1 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics | NVIDIA GeForce 710A Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Realtek PCIe GBE Family Controller | Broadcom BCM943228HMB 802.11abgn 2x2 Wi-Fi Adapter CD / DVD Drives: 1x (F: | ) F: hp DVD A DS8A9SH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 914,3GB | D: 14,9GB Hard Disks - Free: C: 782,1GB | D: 1,8GB Manufacturer *: AMI BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 2AF9 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 41.0.2272.118 Internet Explorer Version: 11.0.9600.17690 Mozilla Firefox version: 36.0.4 (x86 nl) Google Chrome version: 41.0.2272.118 Adobe Reader version: 15.7.20033.133275 Sun Java version: 1.8.0_31 (32-bit) Sun Java version: 1.8.0_31 (64-bit) Flash Player version: 17.0.0.134 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Sonja\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-03-31 06:38:25 46DE9C72EE0F23B9AB6A625214C16FE3 1124352 ----a-w- C:\WINDOWS\SysWOW64\msctf.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-03-31 19:07:16 293C21F0EE9720B9B710DDA40A545CFD 128288 ----a-w- C:\WINDOWS\Sysnative\IObitSmartDefragExtension.dll 2015-03-31 06:38:25 3E9BB985DF2FF26CCE840DE1D24E9381 1385256 ----a-w- C:\WINDOWS\Sysnative\msctf.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2015-03-31 19:07:16 E77CB3736A702D46A6FB15FB4A9894E3 21184 ----a-w- C:\WINDOWS\Sysnative\drivers\SmartDefragDriver.sys ====== C:\WINDOWS\Tasks ====== 2015-04-11 09:39:16 9F3D093A37E3470D70994657C21C5971 3354 ----a-w- C:\WINDOWS\Sysnative\Tasks\Uninstaller_SkipUac_Sonja 2015-04-10 05:10:26 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Acrobat Update Task 2015-04-04 04:42:34 B939E91E2D0C58CA1956956FDFAF7C2C 3596 ----a-w- C:\WINDOWS\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4182331514-222226932-2793567021-1005 2015-04-04 04:42:05 C11B6FDA4DEA7FE9A20CD9FCC0F059E0 3354 ----a-w- C:\WINDOWS\Sysnative\Tasks\Uninstaller_SkipUac_Paul 2015-03-31 19:07:16 6E00C2A1541988473944450193CCE5D2 3176 ----a-w- C:\WINDOWS\Sysnative\Tasks\SmartDefrag4_Update 2015-03-20 08:27:36 B1D61C402408BD5F2988A67C5ED66D14 414 ----a-w- C:\WINDOWS\Tasks\HP Photo Creations Communicator.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-04-10 05:10:50 -------- d-----w- C:\Program Files\Google 2015-03-19 07:46:14 -------- d-----w- C:\Program Files\paint.net ======= C:\PROGRA~2 ===== 2015-04-10 05:09:55 -------- d-----w- C:\PROGRA~2\Adobe ======= C: ===== 2015-03-31 19:02:43 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\asc_rdflag ====== C:\Users\Sonja\AppData\Roaming ====== 2015-04-12 09:29:51 5A6AD703A4E106A25CBE94F04D148A12 2519232 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2015-04-12 09:29:35 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2015-04-12 09:29:35 -------- d-----w- C:\Users\Sonja\AppData\Local\Temp 2015-04-12 09:29:35 -------- d-----w- C:\Users\Paul\AppData\Local\Temp 2015-04-12 09:29:35 -------- d-----w- C:\Users\Gast\AppData\Local\Temp 2015-04-12 09:29:35 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-04-12 09:29:35 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-04-12 09:29:35 -------- d-----w- C:\Users\Administrator\AppData\Local\Temp 2015-04-09 09:18:02 -------- d-----w- C:\Users\Sonja\AppData\Roaming\PANASONIC NN-CS894SEPG user guide 2015-04-08 16:03:01 -------- d-----w- C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth 2015-04-05 09:21:56 -------- d-----w- C:\Users\Sonja\AppData\Locallow\Google 2015-04-04 04:36:09 -------- d-----w- C:\Users\Paul\AppData\Roaming\Origin 2015-04-04 04:36:03 -------- d-----w- C:\Users\Paul\AppData\Local\Origin 2015-04-04 04:35:52 -------- d-----w- C:\Users\Paul\AppData\Roaming\Local 2015-04-04 04:34:27 -------- d-----w- C:\Users\Paul\AppData\Local\Power2Go8 2015-04-04 04:34:26 -------- d-----w- C:\Users\Paul\AppData\Roaming\ioloGovernor 2015-04-04 04:34:07 -------- d-----w- C:\Users\Paul\AppData\Roaming\Adobe 2015-04-04 04:33:45 -------- d-----w- C:\Users\Paul\AppData\Roaming\iolo 2015-04-04 04:33:38 -------- d-----w- C:\Users\Paul\AppData\Local\NVIDIA Corporation 2015-04-04 04:33:38 -------- d-----w- C:\Users\Paul\AppData\Local\NVIDIA 2015-04-04 04:33:37 -------- d-----w- C:\Users\Paul\AppData\Local\AVerMedia 2015-03-31 12:21:18 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Locallow\Temp 2015-03-20 07:57:35 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft 2015-03-19 07:45:55 -------- d-----w- C:\Users\Sonja\AppData\Local\paint.net 2015-03-19 07:24:21 8DE9F588DFB1641F2C0EA05BD4B60605 218 ----a-w- C:\Users\Sonja\AppData\Local\recently-used.xbel 2015-03-19 07:01:32 -------- d-----w- C:\Users\Sonja\AppData\Roaming\inkscape ====== C:\Users\Sonja ====== 2015-04-12 10:05:13 -------- d-----w- C:\ProgramData\ioloGovernor 2015-04-12 04:27:52 61FFBA8DB97D6F32C87E61123B7A9B49 755142088 ----a-w- C:\Users\Sonja\Downloads\ESDPK-FP02-CraftArtist2-Pro-GB.exe 2015-04-10 11:47:55 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\Users\Sonja\Downloads\Setup_WinThruster_2015.exe 2015-04-10 09:43:46 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Sonja\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.146352088366273705.2.2.Run.exe 2015-04-10 09:37:32 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Sonja\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.146352088366273705.2.1.Run.exe 2015-04-10 05:10:44 -------- d-----w- C:\ProgramData\Google 2015-04-09 09:16:49 03CEEC8D84F62FE0C5C076F0332A671B 935864 ----a-w- C:\Users\Sonja\Downloads\PANASONIC NN-CS894SEPG user guide provided through pdfretriever.com.exe 2015-04-04 05:19:09 A163AF12EBC6E30E35E48597E8D46F6C 30424208 ----a-w- C:\Users\Sonja\Downloads\mp68-win-mg5200-1_05-ea24 (7).exe 2015-04-04 04:33:35 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\Paul\ntuser.ini ====== C: exe-files == 2015-04-12 05:22:02 F15945323AF428B653330E725EB93B7C 3750512 ----a-w- C:\Program Files (x86)\File Type Advisor\fileadvisor.exe 2015-04-12 05:22:01 4D161E5B816B3B7913C7A58C690E78A9 1177712 ----a-w- C:\Program Files (x86)\File Type Advisor\unins000.exe 2015-04-12 04:27:52 61FFBA8DB97D6F32C87E61123B7A9B49 755142088 ----a-w- C:\Users\Sonja\Downloads\ESDPK-FP02-CraftArtist2-Pro-GB.exe 2015-04-11 04:29:35 D0DBF760E14DD8E073C65894BEBA4559 448352 ----a-w- C:\Users\Sonja\AppData\Local\NVIDIA\NvBackend\Packages\000073e8\CoProc update.19480396.exe 2015-04-11 04:29:35 AC16DE56C389C57D3BAD8FB91C17BF52 5373408 ----a-w- C:\Users\Sonja\AppData\Local\NVIDIA\NvBackend\Packages\000073d3\DAO.19477205.exe 2015-04-10 11:47:55 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\Users\Sonja\Downloads\Setup_WinThruster_2015.exe 2015-04-10 09:43:46 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Sonja\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.146352088366273705.2.2.Run.exe 2015-04-10 09:37:32 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\Sonja\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.146352088366273705.2.1.Run.exe 2015-04-10 06:28:28 78206B34BD050DB564BF5B4B8C697925 1617224 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_6F4EEAE8D7FCDAD8.exe 2015-04-10 06:28:24 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_4D9709C1FA1422BA.exe 2015-04-10 06:28:20 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_52E818EF81C83A9B.exe 2015-04-10 06:28:16 327C893AA5966AC436CA275F8D64C8C0 1072072 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_BA9226F4C70BECC2.exe 2015-04-10 06:27:16 D15EE16B871FE911D8D7C91FD5F57EBA 532312 ----a-w- C:\Program Files (x86)\Google\Update\Install\{BF31B2FF-D34B-457C-994F-898A60B35D7E}\GoogleToolbarInstaller_updater_signed.exe 2015-04-10 06:27:16 D15EE16B871FE911D8D7C91FD5F57EBA 532312 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.6227.252\GoogleToolbarInstaller_updater_signed.exe 2015-04-10 05:14:50 A30351F539D71D6199BD2295CC234E96 531424 ----a-w- C:\ProgramData\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe 2015-04-10 05:10:50 5D61BE7DB55B026A5D61A3EED09D0EAD 39408 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2015-04-10 05:10:50 5D4BC124FAAE6730AC002CDB67BF1A1C 194032 ----a-w- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 2015-04-10 05:10:49 E8B7FD67DA14A7BE57A5CB80E3139E60 309704 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe 2015-04-10 05:10:49 211F96EB417FF837A70F5130E63A1A45 400840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_64.exe 2015-04-10 05:10:48 1F2AFAB903C0D48480561F3BBD4539C2 739640 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdateSetup_5CC4B0F53D73AD88.exe 2015-04-10 05:10:47 4BEAF576CB43358C4DB9F45AC7C09CDB 194032 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdaterService_B33FC4DD36A473C6.exe 2015-04-10 05:10:41 2040B57C08F7A97E4E44ACB324647CF2 6110688 ----atw- C:\Program Files (x86)\Google\Update\Install\{F8007B0D-093C-4F8F-B561-F226A48B86B2}\googletoolbarinstaller_full_signed.exe 2015-04-10 05:10:39 2040B57C08F7A97E4E44ACB324647CF2 6110688 ----atw- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_full_signed.exe 2015-04-09 15:37:02 9AE6D64808CCC61E312D5E93A7A68B6E 675256 ----a-w- C:\Users\Sonja\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2015-04-09 15:36:58 0DEF0E22B19B4BCC66E0C0F91EE00CA8 172984 ----a-w- C:\Users\Sonja\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2015-04-09 09:16:49 03CEEC8D84F62FE0C5C076F0332A671B 935864 ----a-w- C:\Users\Sonja\Downloads\PANASONIC NN-CS894SEPG user guide provided through pdfretriever.com.exe 2015-04-08 16:14:06 DE395ADB369470A953A11B8C300697E2 35680 ----a-w- C:\Program Files\Samsung\Samsung Link\.install4j\i4jdel.exe 2015-04-08 16:14:04 6E5DBE0D641BD6304873EEE83A635533 389984 ----a-w- C:\Program Files\Samsung\Samsung Link\utils\setup.exe 2015-04-08 16:14:03 F72DB23288C49092E31272E4CAF281C8 23392 ----a-w- C:\Program Files\Samsung\Samsung Link\utils\VideoSnapper.exe 2015-04-08 16:14:02 FF91BD7A836556EC8244D0340009A765 1562976 ----a-w- C:\Program Files\Samsung\Samsung Link\utils\SocketTranscoder.exe 2015-04-08 16:13:53 F51C6B5377271E6F317D84FD0230F7CD 607584 ----a-w- C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe 2015-04-08 16:13:53 0BA134F4C582D5C7FEE19599813FE7B6 616288 ----a-w- C:\Program Files\Samsung\Samsung Link\Samsung Link.exe 2015-04-08 16:13:52 6A1B6A55BFECBD7D5FE8E38DB1C6A1EE 607072 ----a-w- C:\Program Files\Samsung\Samsung Link\Samsung Link Stop.exe 2015-04-08 16:13:52 141EA95ED6EB402C86B977840AEAAD94 607072 ----a-w- C:\Program Files\Samsung\Samsung Link\Samsung Link Menu Start.exe 2015-04-08 16:13:52 0177BAF8A5CEB4120449C4AF47755D4C 607072 ----a-w- C:\Program Files\Samsung\Samsung Link\Samsung Link Start.exe 2015-04-08 16:13:50 CD927996F9D87C857C629A627A0E5151 607072 ----a-w- C:\Program Files\Samsung\Samsung Link\InstallerLauncher.exe 2015-04-08 16:13:50 485BC4134AE50051D15AA45A2ACB2B8E 607072 ----a-w- C:\Program Files\Samsung\Samsung Link\uninstall.exe 2015-04-08 16:13:50 2E832495A84677535054C66620D05902 607072 ----a-w- C:\Program Files\Samsung\Samsung Link\ChangeProperty.exe 2015-04-08 15:38:34 FDB6BB53EFDE59ADE652188DB37CF2F9 77104 ----a-w- C:\Users\Sonja\AppData\Local\Apple\Apple Software Update\SetupAdmin.exe 2015-04-06 10:15:19 58A07163780DFCCA0E8F82886750AAB5 787968 ----a-w- C:\Users\Sonja\AppData\Local\Packages\CapsuleDigital.PhotoFunia_yede6ekgzbztc\AC\Microsoft\CLR_v4.0_32\NativeImages\PhotoFunia.Win8\6139486b05da3fd3c8ea37d95c5216f7\PhotoFunia.Win8.ni.exe === C: other files == 2015-04-11 05:26:48 85EFFE9A1785ADE4E529BFBA02E9F9CF 896979 ----a-w- C:\ProgramData\iolo\logs\iolo_bugreport_04_11_2015_07_26.zip 2015-04-11 05:04:01 AC140005381F99CE73A17D2FDC76D310 896976 ----a-w- C:\ProgramData\iolo\logs\iolo_bugreport_04_11_2015_07_04.zip 2015-04-10 06:41:09 11F90306660E7C9996DB8817CEB9AFAF 385 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\CraftArtist\2.0\Data\AutoCorrectOptions.zip 2015-04-10 06:35:46 BC5A2B2928D2734A2FD5978EB8398BDE 786 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\CraftArtist\2.0\Data\AutoCorrect.zip 2015-04-10 05:48:11 DB9467F30A358F2CA900F79D9F3FF454 5011 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\PagePlus\15.0\Data\ColourSchemes.zip 2015-04-10 05:48:11 D38AD8CC5EF33901C56BB9964AF73CBD 3570 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\PagePlus\15.0\Data\Attributes.zip 2015-04-10 05:48:11 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\PagePlus\15.0\Data\Variables.zip 2015-04-10 05:48:11 6BBF3BEAA369334D7185F6C620E5F16D 651 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\PagePlus\15.0\Data\FillTableSolid.zip 2015-04-10 05:48:11 43CD423A10E8DA3B65507AC147754D8F 598 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\PagePlus\15.0\Data\Transparency.zip 2015-04-10 05:48:11 30D8B31449B83BA0CEF1FEF110644857 11023 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\PagePlus\15.0\Data\AutoCorrect.zip 2015-04-10 05:47:45 6EA35F996093BF485B0BF793DFF5D3CA 7492 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\PagePlus\15.0\Data\Font Panose Numbers.zip 2015-04-08 16:13:54 E7B2B0424B7BB5F11C32AF9B11C16C85 130 ----a-w- C:\Program Files\Samsung\Samsung Link\bin\moveASPInfo.bat 2015-04-08 16:13:54 B7DBE89A7736ECEA573A0360388CAB9A 65 ----a-w- C:\Program Files\Samsung\Samsung Link\bin\configService.bat 2015-04-08 16:13:54 425ABD81784F3909B41B24453FF655AA 1866 ----a-w- C:\Program Files\Samsung\Samsung Link\bin\logLevelChange.bat 2015-04-08 16:13:54 3F1FFE0343472138D63274B287DF7589 43 ----a-w- C:\Program Files\Samsung\Samsung Link\bin\filePlay.bat 2015-04-08 16:13:54 3C75DF47479CFB8D43302034B7F93BD7 114 ----a-w- C:\Program Files\Samsung\Samsung Link\bin\UnRegistWebPlugin.bat 2015-04-08 16:13:54 0FE2616A8A0A33552C2006EA7B48EDFE 358 ----a-w- C:\Program Files\Samsung\Samsung Link\bin\RegistHLS.bat 2015-04-08 16:13:54 0F9E59586D9962D6D0A872EC09BF61F0 374 ----a-w- C:\Program Files\Samsung\Samsung Link\bin\UnRegistHLS.bat 2015-04-08 04:31:21 7DDC9F91B6BD312A4BA3F8DBB7EE1BA3 596533 ----a-w- C:\Users\Sonja\Downloads\Panasonic Dimension 4 Microwav Downloader.zip 2015-04-06 14:04:03 4AD1D86D720A70D0A33C8EDA2E49C7F5 1263145 ----a-w- C:\Users\Sonja\AppData\Roaming\Serif\PagePlus\15.0\Data\PhotoLab.zip ======== System Restore Points ======== RP49: 8/04/2015 6:52:43 - End of disinfection RP51: 10/04/2015 7:15:17 - HPSF Restore Point RP52: 10/04/2015 7:20:31 - Installed Serif CraftArtist 2 Professional RP53: 10/04/2015 7:34:17 - Installed Angie Hinksman, Sew in Love Digikit RP54: 10/04/2015 7:36:04 - Installed DaisyTrail Water Garden Digikit RP55: 10/04/2015 16:46:25 - Herstelbewerking RP56: 11/04/2015 11:38:48 - Removed Angie Hinksman, Sew in Love Digikit RP57: 12/04/2015 6:56:40 - Herstelbewerking RP58: 12/04/2015 11:04:46 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-21-4182331514-222226932-2793567021-1002\Software\iolo\System Mechanic\startup manager\configuration\Disabled\registry\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_F5ACE9CBA9B961B5FA5F1BC0A67E7A66"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Facebook Update"="C:\Users\Sonja\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "SkyDrive"="C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background" "Fitbit Connect"="C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe /autorun" [HKEY_USERS\S-1-5-21-4182331514-222226932-2793567021-1002\Software\iolo\System Mechanic\startup manager\configuration\Disabled\registry\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup" "Fitbit Connect"="C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe /autorun" [HKEY_USERS\S-1-5-21-4182331514-222226932-2793567021-1002\Software\Microsoft\Windows\CurrentVersion\Run] "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe -deviceID CN4A7142VC060D:NW -scfn HP ENVY 4500 series (NET) -AutoStart 1" "GoogleChromeAutoLaunch_F5ACE9CBA9B961B5FA5F1BC0A67E7A66"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wireless Mouse"="C:\Program Files (x86)\Multifunctional Wireless Mouse Driver\StartMonitor.exe KMProcess.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "HP ENVY 4500 series (NET)"="C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe -deviceID CN4A7142VC060D:NW -scfn HP ENVY 4500 series (NET) -AutoStart 1" "GoogleChromeAutoLaunch_F5ACE9CBA9B961B5FA5F1BC0A67E7A66"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "Samsung Link"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" "BoxSync"="c:\Program Files\Box\Box Sync\BoxSync.exe -m" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /ANDREA_BF_BYPASS" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="0Z, C:\\WINDOWS\\system32\\nvinitx.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvUpdatusService] ==== Startup Folders ====================== 2015-03-29 12:41:38 1190 ----a-w- C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-06-21 06:48:01 2361 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk 2014-12-04 10:12:22 2131 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk 2014-12-04 10:12:14 2131 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-4182331514-222226932-2793567021-1002Core1d001b825d80f0b.job --a-------- C:\Users\Sonja\AppData\Local\Facebook\Update\FacebookUpdate.exe [16/11/2014 18:12] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/04/2014 11:28] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/04/2014 11:28] C:\WINDOWS\tasks\HP Photo Creations Communicator.job --a-------- C:\Users\Sonja\AppData\Roaming\HP Photo Creations\Communicator.exe [12/03/2011 12:11] C:\WINDOWS\tasks\HPCeeScheduleForSonja.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 23:15] C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [25/01/2015 11:08] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\CLVDLauncher" [c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\WINDOWS\SysNative\tasks\FileAdvisorCheck" ["C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe"] "C:\WINDOWS\SysNative\tasks\FileAdvisorUpdate" ["C:\Program Files (x86)\File Type Advisor\fileadvisor.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP ENVY 4500 series" ["C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\iolo Process Governor" [C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\WINDOWS\SysNative\tasks\SmartDefrag4_Update" [C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe] "C:\WINDOWS\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\WINDOWS\SysNative\tasks\Uninstaller_SkipUac_Paul" ["C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe"] "C:\WINDOWS\SysNative\tasks\Uninstaller_SkipUac_Sonja" ["C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{172F16A2-59EB-45A4-A698-675688C853A2}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN4A7142VC" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\w7t3kbye.default-1410698837574 user_pref("browser.search.selectedEngine", "Google"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\w7t3kbye.default-1410698837574 - LastPass - %ProfilePath%\extensions\support@lastpass.com - Addictive Typing Lessons - %ProfilePath%\extensions\addictive_typing_lessons@tomkennedy.net.xpi - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - Numpad Typing Drills - %ProfilePath%\extensions\numpadtyping@tomkennedy.xpi - WhatsApp Panel - %ProfilePath%\extensions\whatsapppanel@alejandrobrizuela.com.ar.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\w7t3kbye.default-1410698837574 C8B4AB4EC6BC1AD7B68E7EB832927927 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 43583AB4DFD406F4C188342F41B1F91C - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash E3D40D344C196E66D4346CCECED7AC1C - C:\Users\Sonja\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll - HPDetect 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Sonja\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 77B6DD23DCA19A217D5A4C4CAF962895 - C:\Users\Sonja\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118) [z-db] HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions hdokiejnpimakedhajhdlcegeplioahd - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\Sonja\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[26/10/2014 14:53] Google Drive - Sonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf LastPass - Sonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Google Wallet - Sonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Slides - C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Docs - C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf LastPass - C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Google Wallet - C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RVEA_nlBE635" ==== Reset Google Chrome ====================== C:\Users\Sonja\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Sonja\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Sonja\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Sonja\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Gast\Desktop\EnterImage.lnk - C:\Program Files (x86)\EnterImage\EnterImage.exe C:\Users\Paul\Desktop\EnterImage.lnk - C:\Program Files (x86)\EnterImage\EnterImage.exe C:\Users\Sonja\Desktop\AA_v3.5 - Snelkoppeling.lnk - C:\Users\Sonja\Pictures\Cards\AA_v3.5.exe C:\Users\Sonja\Desktop\App-opstartprogramma van Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Sonja\Desktop\Box Sync.lnk - C:\Users\Sonja\Box Sync C:\Users\Sonja\Desktop\Dropbox.lnk - C:\Users\Sonja\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Sonja\Desktop\EnterImage.lnk - C:\Program Files (x86)\EnterImage\EnterImage.exe C:\Users\Sonja\Desktop\Free M4a to MP3 Converter.lnk - C:\Program Files (x86)\Free M4a to MP3 Converter\m4a_converter.exe C:\Users\Sonja\Desktop\Funny Photo Maker.lnk - C:\Program Files (x86)\AnvSoft\Funny Photo Maker\FunnyPhoto.exe C:\Users\Sonja\Desktop\HP Photo Creations.lnk - C:\Users\Sonja\AppData\Roaming\HP Photo Creations\PhotoProduct.exe C:\Users\Sonja\Desktop\My Music Tools.lnk - C:\Program Files (x86)\Free M4a to MP3 Converter\mymusictools.url C:\Users\Sonja\Desktop\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe C:\Users\Sonja\Desktop\PTLITE10 - Snelkoppeling.lnk - E:\PTLITE10.EXE C:\Users\Sonja\Desktop\Sam Sonja - Snelkoppeling.lnk - C:\Users\Sonja\Desktop\Samsung Link sonja.campaert@telenet.be.lnk - C:\Galaxy S 5 C:\Users\Sonja\Desktop\shutdown.lnk - C:\Windows\System32\shutdown.exe -s -t 00 C:\Users\Sonja\Desktop\sonja.campaert@telenet.be (sonja) - Snelkoppeling.lnk - C:\Users\Sonja\Desktop\System Mechanic.lnk - C:\Program Files (x86)\iolo\System Mechanic\SysMech.exe C:\Users\Sonja\Desktop\System Mechanic® LiveBoost™.lnk - C:\Users\Sonja\Desktop\Uitvoeren.lnk - C:\Users\Sonja\Desktop\Beveiliging\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Sonja\Desktop\Beveiliging\Duplicate Cleaner Free.lnk - C:\Program Files (x86)\Duplicate Cleaner\DuplicateCleaner.exe C:\Users\Sonja\Desktop\Beveiliging\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\Users\Sonja\Desktop\Beveiliging\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Sonja\Desktop\Beveiliging\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe C:\Users\Sonja\Desktop\Beveiliging\Wifi-fikser.lnk - C:\Program Files (x86)\Wifi-fikser\Wifi-fikser.exe C:\Users\Sonja\Desktop\De sims\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe C:\Users\Sonja\Desktop\Google\App-opstartprogramma van Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list C:\Users\Sonja\Desktop\Google\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document C:\Users\Sonja\Desktop\Google\Google Drive.lnk - C:\Users\Sonja\Google Drive C:\Users\Sonja\Desktop\Google\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet C:\Users\Sonja\Desktop\Google\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation C:\Users\Sonja\Desktop\HP\Benodigdheden kopen - HP ENVY 4500 series.lnk - C:\Program Files (x86)\HP\HP ENVY 4500 series\Bin\hpqDTSS.exe C:\Users\Sonja\Desktop\HP\HP ENVY 4500 series.lnk - C:\Program Files (x86)\HP\HP ENVY 4500 series\Bin\HP ENVY 4500 series.exe -Start UDCDevicePage C:\Users\Sonja\Desktop\HP\HP Photo Creations.lnk - C:\Users\Sonja\AppData\Roaming\HP Photo Creations\PhotoProduct.exe C:\Users\Sonja\Desktop\HP\HP Print and Scan Doctor.lnk - C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\AVerMedia TV Player.lnk - C:\Program Files (x86)\AVerMedia\AVerMedia TV Player\AVerMedia TV Player.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\Bezoek eBay.be.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\BitLord.lnk - C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\De Sims™ 3.lnk - C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\Easy Duplicate Finder 4.lnk - C:\Program Files\Easy Duplicate Finder 4\EasyDuplicateFinder.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\HP Connected Music.lnk - C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\Intel(R) WiDi.lnk - C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\IObit Unlocker.lnk - C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\iTunes Agent.lnk - C:\Program Files (x86)\iTunes Agent\iTunes Agent.exe C:\Users\Sonja\Desktop\ongebruikte bureaubladpictogrammen\Snapfish foto's.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Users\Public\Desktop\De Sims 4 Creëer-een-Sim Demo.lnk - C:\Users\Public\Desktop\De Sims 4.lnk - C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe C:\Users\Public\Desktop\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe C:\Users\Public\Desktop\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk - C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe C:\Users\Public\Desktop\HP Quick Start.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Quick Start\HPQuickstart.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\My LastPass Vault.lnk - C:\Users\Public\Desktop\paint.net.lnk - C:\Program Files (x86)\paint.net\PaintDotNet.exe C:\Users\Public\Desktop\PC Drukkerij Wenskaarten & Uitnodigingen.lnk - C:\Program Files (x86)\Easy Computing\PC Drukkerij Wenskaarten & Uitnodigingen\PrintPratic.exe C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Public\Desktop\PowerISO.lnk - C:\Program Files (x86)\PowerISO\PowerISO.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\Samsung Kies 3.lnk - C:\Program Files (x86)\Samsung\Kies3\Kies3.exe C:\Users\Public\Desktop\Serif PagePlus X5.lnk - C:\Program Files (x86)\Serif\PagePlus\X5\Program\PagePlus.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth\Sam Sonja.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTWUIExt.exe /deviceAddr=b43a28e876e1 C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Sonja\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\App-opstartprogramma van Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations verwijderen.lnk - C:\Users\Sonja\AppData\Roaming\HP Photo Creations\remove.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations.lnk - C:\Users\Sonja\AppData\Roaming\HP Photo Creations\PhotoProduct.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Sonja\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk - C:\Program Files (x86)\paint.net\PaintDotNet.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif CraftArtist 2.lnk - C:\WINDOWS\Installer\{D0BE8477-6206-4588-8148-971EDAB6BBAD}\CraftArtist.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex\CDex.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor\File Type Advisor.lnk - C:\Program Files (x86)\File Type Advisor\fileadvisor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect\Fitbit Connect Website.lnk - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect website.URL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect\Fitbit Connect.lnk - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect\Uninstall Fitbit Connect.lnk - C:\Windows\SysWOW64\msiexec.exe /x {D626E72A-ED95-489A-9B8B-0B2A7B649A85} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk - C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP ENVY 4500 series\HP ENVY 4500 series.lnk - C:\Program Files (x86)\HP\HP ENVY 4500 series\Bin\HP ENVY 4500 series.exe -Start UDCDevicePage C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe uninstall_start C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk - C:\Program Files (x86)\MyFree Codec\1.0b beta\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk - C:\Program Files (x86)\Origin\OriginER.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Link.lnk - C:\Program Files (x86)\Samsung\Samsung Link\Samsung Link Menu Start.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Samsung Kies 3.lnk - C:\Program Files (x86)\Samsung\Kies3\Kies3.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies3\Uninstall Kies 3.lnk - C:\Program Files (x86)\InstallShield Installation Information\{88547073-C566-4895-9005-EBE98EA3F7C7}\setup.exe /removeonly C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications\CraftArtist 2\CraftArtist 2 User Guide.lnk - C:\WINDOWS\Installer\{D0BE8477-6206-4588-8148-971EDAB6BBAD}\ShortcutPDF.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications\CraftArtist 2\CraftArtist 2.lnk - C:\WINDOWS\Installer\{D0BE8477-6206-4588-8148-971EDAB6BBAD}\CraftArtist.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sharepod\Sharepod.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sharepod\Uninstall Sharepod.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic\System Mechanic Help.lnk - C:\Program Files (x86)\iolo\System Mechanic\System_Mechanic_nl.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic\System Mechanic.lnk - C:\Program Files (x86)\iolo\System Mechanic\SysMech.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic\System Mechanic® LiveBoost™.lnk - ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk - C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free M4a to MP3 Converter.lnk - C:\Program Files (x86)\Free M4a to MP3 Converter\m4a_converter.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk - C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies 3.lnk - C:\Program Files (x86)\Samsung\Kies3\Kies3.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\App-opstartprogramma van Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink YouCam.lnk - C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster 2.lnk - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Quick Start.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Quick Start\HPQuickstart.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Sonja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Uninstall List x64 ====================== 7-Zip 9.20 (x64 edition) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-0920-000001000000}] Adobe Acrobat Reader DC - Nederlands [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}] Adobe Flash Player 17 NPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001802114130}] AllShare Framework DMS [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}] Apple Application Support (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{447CDCE5-F555-429B-BFA6-642C3C6D684F}] Apple Application Support (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0DF7096B-715A-4233-8633-C7A16ED6D616}] Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4123106-B685-48E6-B9BD-E4F911841EB4}] Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] AVerMedia TV Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DFD1F64D-2AF0-4CE2-9752-D701E80F8D1C}] AVerMedia TV Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DFD1F64D-2AF0-4CE2-9752-D701E80F8D1C}] Bejeweled© 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}] Belgium e-ID middleware 4.0.7 (build 7466) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824563DE-75AD-4166-9DC0-B6482F207466}] Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] Box Sync [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99902BE6-1451-46BA-AEA9-13E1F5413EB7}] Box Sync [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2e517feb-f2b6-4ace-9c84-5bf389b384bd}] Broadcom 802.11 Network Adapter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Broadcom 802.11 Network Adapter] Broadcom Bluetooth Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0A1B4690-E176-4533-8058-939480AEE1D0}] Broadcom Bluetooth Software [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] Cisco LEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51C7AD07-C3F6-4635-8E8A-231306D810FE}] Cisco PEAP Module [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}] CyberLink LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] CyberLink LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] CyberLink Media Suite 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] CyberLink Media Suite 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] Cyberlink PhotoDirector [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{39337565-330E-4ab6-A9AE-AC81E0720B10}] Cyberlink PhotoDirector [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}] CyberLink Power2Go 8 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}] CyberLink Power2Go 8 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}] CyberLink PowerDirector 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}] CyberLink PowerDirector 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}] CyberLink PowerDVD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}] CyberLink PowerDVD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}] CyberLink YouCam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}] CyberLink YouCam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}] D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}] DaisyTrail Water Garden Digikit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EFA49C6F-6311-456B-B298-9B970723B983}] De SimsT 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}] De SimsT 4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{48EBEBBF-B9F8-4520-A3CF-89A730721917}] De SimsT 4 Cre‰er-een-Sim Demo [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6908ED99-F02B-4E99-A202-3FAC99C510ED}] DisableMSDefender [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}] Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox] Duplicate Cleaner Free 3.2.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Duplicate Cleaner Free] EasyDuplicateFinder v4.7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Easy Duplicate Finder 4_is1] Energy Star [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}] EnterImage 3.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EnterImage 3.0_is1] Facebook Video Calling 3.1.0.521 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2091F234-EB58-4B80-8C96-8EB78C808CF7}] File Type Advisor 1.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\File Type Advisor_is1] Fitbit Connect [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D626E72A-ED95-489A-9B8B-0B2A7B649A85}] Fotogalerie [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41BF4A3B-D60A-4E92-883F-C88C8C157261}] Free M4a to MP3 Converter 8.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free M4a to MP3 Converter_is1] Funny Photo Maker 2.4.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Funny Photo Maker_is1] Galerie de photos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{439B34FF-F74E-4807-B5E2-4B758551DA6B}] GIMP 2.8.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\GIMP-2_is1] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C96119B7-47E5-3300-A67D-BFC3A221DF01}] Google Cloudprinter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{74AA24E0-AC50-4B28-BA46-9CF05467C9B7}] Google Drive [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6C36881B-0E51-4231-9D02-BF2149664D34}] Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Hewlett-Packard ACLM.NET v1.2.2.3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] HID OMNIKEY 3x2x PC/SC Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{57766C05-9EE1-443A-9884-08FA765129F9}] HP Connected Music (Meridian - installer) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartHPConnectedMusic] HP Connected Music (Meridian - player) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPConnectedMusic] HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] HP ENVY 4500 series Basissoftware van het apparaat [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E7E2EB53-AA2D-4068-8242-28859DCB7C3A}] HP ENVY 4500 series Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8E0DEA5E-822C-4993-8D47-9305D61E6188}] HP Photo Creations [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Photo Creations] HP Postscript Converter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}] HP Quick Start [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{574F0207-8E98-46CD-8F79-318348C98C46}] HP Registration Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}] HP Support Information [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}] HP Support Solutions Framework [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96D12EC9-720B-45FB-904C-36D6307A1C76}] HP Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}] HPDetect [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}] iCloud [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{81E20D41-C277-4526-934D-F2380AF91B78}] IncrediMail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{81CF09ED-5FB0-4E0A-A83F-0F514DDEABBC}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] Intel(R) Processor Graphics [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] Intel(R) SDK for OpenCL - CPU Only Runtime Package [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}] Intel(R) Update Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}] Intel(R) WiDi [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{28B4FCD3-1E17-411F-B56A-769DCF9169E0}] Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FA00A3CC-7440-4938-A271-F186F50DD40D}] IObit Uninstaller [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObitUninstall] IObit Unlocker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObit Unlocker_is1] iolo technologies' System Mechanic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1] iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D227565A-0033-40AD-89BA-653A205CDC11}] iTunes Agent 1.3.4 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\iTunes Agent 1.3.4] Java 7 Update 76 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217076FF}] Java 8 Update 31 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218031F0}] K-Lite Codec Pack 9.3.0 (Basic) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] LastPass (alleen de‹nstalleren) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LastPass] Malwarebytes Anti-Malware versie 2.0.4.1028 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}] Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HomeStudentRetail - nl-nl] Microsoft OneDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneDriveSetup.exe] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}] Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}] Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37B8F9C7-03FB-3253-8781-2517C99D7C00}] Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}] Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9}] Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}] Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{050d4fc8-5d48-4b8f-8972-47c82c46020f}] Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{f65db027-aff3-4070-886a-0d87064aabb1}] Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{929FBD26-9020-399B-9A7A-751D61F0B942}] Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}] Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}] Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}] Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{21764A96-6748-4B83-89E7-7A5063BF156C}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70C91B91-61E8-4D06-86D6-A9DCC291983A}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DD67BE4B-7E62-4215-AFA3-F123A800A389}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}] Mozilla Firefox 36.0.4 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 36.0.4 (x86 nl)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}] MSVCRT110 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}] MSVCRT110_amd64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9FA781F-3E80-4399-825A-AD3E11C28C77}] Multifunctional Wireless Mouse Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0AB0AFB9-9449-4137-A2B2-3B0DFD201E7F}] MyFreeCodec [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec] NVIDIA 3D Vision controllerstuurprogramma 344.11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] NVIDIA 3D Vision stuurprogramma 344.11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] NVIDIA GeForce Experience 2.1.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] NVIDIA Grafisch stuurprogramma 344.11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B455E95A-B804-439F-B533-336B1635AE97}] NVIDIA PhysX systeemsoftware 9.14.0702 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo] Origin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Origin] paint.net [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}] PC Drukkerij Wenskaarten & Uitnodigingen [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Drukkerij Wenskaarten & Uitnodigingen] Peggle [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{715AD72D-887A-459E-988B-D4F3E87FA24B}] Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3751BF9B-5F23-4976-AA62-1BF4D791DCFE}] Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}] Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B1D0122C-6BE2-47A2-82AE-0BB3F6C91C49}] Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3538BF4-735B-45F3-B09E-C541A007E4E8}] Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07AAB66E-4718-422D-9218-4AFB3C922A71}] Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6A96E8C-FC88-46F5-800E-6845B4ACA459}] Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F4DEB840-B638-4BCE-AC6B-057EF31E0012}] Picasa 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Picasa 3] PowerISO [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PowerISO] Productverbeteringsonderzoek voor HP ENVY 4500 series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0B1D150-9577-4F9C-9FC7-AD8557C6BDFC}] QuickTime 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}] Realtek Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}] Realtek Ethernet Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Recovery Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] Revo Uninstaller 1.95 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Revo Uninstaller] Samsung Kies3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{88547073-C566-4895-9005-EBE98EA3F7C7}] Samsung Kies3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}] Samsung Link 2.0.0.1503181422 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\8474-7877-9059-0204] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\01_Simmental] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\02_Siberian] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\03_Swallowtail] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\04_semseyite] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\07_Schorl] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\09_Hsp] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\11_HSP_Plus_Default] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\16_Shrewsbury] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\20_NXP_Driver] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\24_flashusbdriver] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\25_escape] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}] Serif PagePlus X5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{371C9583-5174-4CF8-B10D-D4C3AA7E8CD0}] Serif PagePlus: Business Card Template Pack 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1A4C3669-BDFE-4EF0-9108-EAF07182F36B}] Serif PagePlus: Home Stationery Template Pack - Fishing [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BA35AC3F-662E-46AB-BB72-BF84ED43335A}] Serif PagePlus: Menu Template Pack 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BF1B3BB3-4AA5-4A3C-AF36-DCAEF47AE4F6}] Serif PagePlus: Poster Template Pack 1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{561989D6-1BEE-452D-83FE-6E8AB80F341A}] Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7] Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD] Visual Studio 2012 x64 Redistributables [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}] Visual Studio 2012 x86 Redistributables [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}] Wifi-fikser versie 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72739B4E-6992-4D4C-BAE8-08D550AA2D3A}_is1] Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B99F248C-B4B3-4D61-9FFC-AE59A1F13723}] Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1B905A9B-EB74-4C70-B81B-5F446C178566}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{66233218-CA57-4AB2-BA43-A97AA4635960}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8F630A7-6789-44D5-8653-3B27969CF337}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite] Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{659CB81C-B54E-4DF1-B618-F35777393A54}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}] Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}] Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}] Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D1893000-EA77-493C-8DDD-E262436E959B}] Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{290C2B0A-CEE1-4F55-AB46-4571EC01DA96}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33B992ED-B59B-4E25-9F3F-CF2D79BBA914}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0332229-4EF7-4A36-AED8-E5876EB2DF86}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC071B45-4A5F-408F-92F8-4D9D693E866F}] WinRAR 5.10 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll O4 - HKLM\..\Run: [Wireless Mouse] "C:\Program Files (x86)\Multifunctional Wireless Mouse Driver\StartMonitor.exe" KMProcess.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [HP ENVY 4500 series (NET)] "C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4A7142VC060D:NW" -scfn "HP ENVY 4500 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F5ACE9CBA9B961B5FA5F1BC0A67E7A66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'Default user') O4 - Startup: AutorunsDisabled O4 - Startup: Dropbox.lnk = Sonja\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\bin\resources\WebMenuImg.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: LastPass - file://C:\Users\Sonja\AppData\LocalLow\LastPass\context.html?cmd=lastpass O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Sonja\AppData\LocalLow\LastPass\context.html?cmd=fillforms O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {55A2C0CD-3DE8-4264-9637-A0B40B05714E} - https://col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1278230545 O17 - HKLM\System\CCS\Services\Tcpip\..\{24D736AB-D55E-4E68-8139-ADC8B324F545}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVerScheduleService - Unknown owner - c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe O23 - Service: @oem102.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing) O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Box Sync Update Service (BoxSyncUpdateService) - Box, Inc. - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe O23 - Service: BrcmSetSecurity - Intel - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Fitbit Connect Service (Fitbit Connect) - Fitbit, Inc. - C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Monitor Virutal Wlan Secvice (MS_Virtual_Monitor) - Unknown owner - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\CppWindowsService.exe O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: StartMenu8 Service (StartMenuService) - Unknown owner - (no file) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} EADM = "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [Electronic Arts] HP ENVY 4500 series (NET) = "C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4A7142VC060D:NW" -scfn "HP ENVY 4500 series (NET)" -AutoStart 1 [Hewlett-Packard Development Company, LP] GoogleChromeAutoLaunch_F5ACE9CBA9B961B5FA5F1BC0A67E7A66 = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [Google Inc.] swg = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [Google Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} IgfxTray = "C:\WINDOWS\system32\igfxtray.exe" [Intel Corporation] HotKeysCmds = "C:\WINDOWS\system32\hkcmd.exe" [Intel Corporation] Persistence = "C:\WINDOWS\system32\igfxpers.exe" [Intel Corporation] RTHDVCPL = "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [Realtek Semiconductor] Samsung Link = "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [Copyright 2013 SAMSUNG] BoxSync = "c:\Program Files\Box\Box Sync\BoxSync.exe" -m [null data] NvBackend = "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [NVIDIA Corporation] ShadowPlay = C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart [MS] RtHDVBg = "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS [Realtek Semiconductor] iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" [Apple Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} Wireless Mouse = "C:\Program Files (x86)\Multifunctional Wireless Mouse Driver\StartMonitor.exe" KMProcess.exe [UASSOFT.COM] HP Software Update = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [Hewlett-Packard] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {10921475-03CE-4E04-90CE-E2E7EF20C814}\(Default) = ExplorerWnd Helper -> {HKLM...CLSID} = ExplorerWnd Helper \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [IObit] {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\(Default) = Lync Click to Call BHO -> {HKLM...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] {95D9ECF5-2A4D-4550-BE49-70D42F71296E}\(Default) = LastPass Vault -> {HKLM...Wow...CLSID} = LastPass Vault \InProcServer32\(Default) = C:\Program Files (x86)\LastPass\LPToolbar.dll [LastPass] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] -> {HKLM...Wow...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\(Default) = (no title provided) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {E76FD755-C1BA-4DCB-9F13-99BD91223ADE}\(Default) = HP Network Check Helper -> {HKLM...Wow...CLSID} = HP Network Check Helper \InProcServer32\(Default) = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [Hewlett-Packard] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1\(Default) = {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -> {HKCU...CLSID} = UpToDateOverlayHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] SkyDrive2\(Default) = {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -> {HKCU...CLSID} = SyncingOverlayHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] SkyDrive3\(Default) = {BBACC218-34EA-4666-9D7A-C78F2274A524} -> {HKCU...CLSID} = ErrorOverlayHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] SkyDrivePro1 (ErrorConflict)\(Default) = {8BA85C75-763B-4103-94EB-9470F12FE0F7} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro2 (SyncInProgress)\(Default) = {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro3 (InSync)\(Default) = {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] "DropboxExt1"\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt1 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] "DropboxExt2"\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt2 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] "DropboxExt3"\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt5 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] "DropboxExt4"\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt6 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] "DropboxExt5"\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt3 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] "DropboxExt6"\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt7 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] "DropboxExt7"\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt4 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] "DropboxExt8"\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt8 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] 0000BoxSyncFileLocked\(Default) = {b973655f-b823-3729-abea-e88cb316ddd4} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] 0000BoxSyncNotSynced\(Default) = {a316141f-fa66-334c-8d40-a8f4e6d21080} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] 0000BoxSyncProblem\(Default) = {a74ad9e8-37eb-31db-9026-8eda10d85860} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] 0000BoxSyncSynced\(Default) = {c3de22fc-b307-320f-ba41-27d95101bbf3} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] GDriveBlacklistedOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSharedEditOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSharedViewOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSyncedOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSyncingOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1\(Default) = {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -> {HKCU...Wow...CLSID} = UpToDateOverlayHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] SkyDrive2\(Default) = {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -> {HKCU...Wow...CLSID} = SyncingOverlayHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] SkyDrive3\(Default) = {BBACC218-34EA-4666-9D7A-C78F2274A524} -> {HKCU...Wow...CLSID} = ErrorOverlayHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt1 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt2 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt3 Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [Dropbox, Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class -> {HKLM...CLSID} = DesktopContext Class \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation] {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\WINDOWS\system32\nvshext.dll [NVIDIA Corporation] {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} = NvAppShExt extension -> {HKLM...CLSID} = NvAppShExt Class \InProcServer32\(Default) = C:\WINDOWS\system32\nv3dappshext.dll [NVIDIA Corporation] {E97DEC16-A50D-49bb-AE24-CF682282E08D} = OpenGLShExt extension -> {HKLM...CLSID} = OpenGLShExt Class \InProcServer32\(Default) = C:\WINDOWS\system32\nv3dappshext.dll [NVIDIA Corporation] {8BA85C75-763B-4103-94EB-9470F12FE0F7} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} = Microsoft SkyDrive Pro Browser Helper -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONFILTER.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office15\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office15\msoshext.dll [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\VISSHE.DLL [MS] {D90EF6CF-32CB-476D-B57C-1A71E58E8301} = Incinerator -> {HKLM...CLSID} = Incinerator \InProcServer32\(Default) = C:\WINDOWS\system32\Incinerator64.dll [iolo technologies, LLC] {9081C77F-9FAF-4551-A878-10A4249CD1FA} = Incinerator Context Menu -> {HKLM...CLSID} = Incinerator Junction Point Context Menu Handler \InProcServer32\(Default) = C:\WINDOWS\system32\Incinerator64.dll [iolo technologies, LLC] {E8215BEA-3290-4C73-964B-75502B9B41B2} = Incinerator Context Menu -> {HKLM...CLSID} = Incinerator Context Menu Handler \InProcServer32\(Default) = C:\WINDOWS\system32\Incinerator64.dll [iolo technologies, LLC] {BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5} = Incinerator Property Page -> {HKLM...CLSID} = Incinerator settings \InProcServer32\(Default) = C:\WINDOWS\system32\Incinerator64.dll [iolo technologies, LLC] {F148A78C-91B1-45DC-83A9-291108F3B245} = Incinerator RB context menu -> {HKLM...CLSID} = Incinerator Recycle Bin context menu \InProcServer32\(Default) = C:\WINDOWS\system32\Incinerator64.dll [iolo technologies, LLC] {B19ED566-D419-470b-B111-3C89040BC027} = IObitUnstaler -> {HKLM...CLSID} = IObitUnstaler Class \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [IObit] {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes -> {HKLM...CLSID} = iTunes \InProcServer32\(Default) = C:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.] {189F1E63-33A7-404B-B2F6-8C76A452CC54} = IObitSmartDefrag Extension -> {HKLM...CLSID} = SmartDefragExtension Class \InProcServer32\(Default) = C:\WINDOWS\system32\IObitSmartDefragExtension.dll [IObit] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {94586423-855F-4EB2-9F6A-D9DA5658DBE3} = SxContextMenu1stConv -> {HKLM...Wow...CLSID} = Context menu \InProcServer32\(Default) = C:\Program Files (x86)\Free M4a to MP3 Converter\m4a_menu.dll [null data] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...Wow...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONFILTER.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\msoshext.dll [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...Wow...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...Wow...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\VISSHE.DLL [MS] {D90EF6CF-32CB-476D-B57C-1A71E58E8301} = Incinerator -> {HKLM...Wow...CLSID} = Incinerator \InProcServer32\(Default) = C:\WINDOWS\SysWow64\Incinerator32.dll [iolo technologies, LLC] {9081C77F-9FAF-4551-A878-10A4249CD1FA} = Incinerator Context Menu -> {HKLM...Wow...CLSID} = Incinerator Junction Point Context Menu Handler \InProcServer32\(Default) = C:\WINDOWS\SysWow64\Incinerator32.dll [iolo technologies, LLC] {E8215BEA-3290-4C73-964B-75502B9B41B2} = Incinerator Context Menu -> {HKLM...Wow...CLSID} = Incinerator Context Menu Handler \InProcServer32\(Default) = C:\WINDOWS\SysWow64\Incinerator32.dll [iolo technologies, LLC] {BF2E05D5-4FD3-47D4-B502-6AF23DFF1CF5} = Incinerator Property Page -> {HKLM...Wow...CLSID} = Incinerator settings \InProcServer32\(Default) = C:\WINDOWS\SysWow64\Incinerator32.dll [iolo technologies, LLC] {F148A78C-91B1-45DC-83A9-291108F3B245} = Incinerator RB context menu -> {HKLM...Wow...CLSID} = Incinerator Recycle Bin context menu \InProcServer32\(Default) = C:\WINDOWS\SysWow64\Incinerator32.dll [iolo technologies, LLC] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = 0Z, C:\WINDOWS\system32\nvinitx.dll [file not found] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = C:\WINDOWS\SysWOW64\nvinit.dll [NVIDIA Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\ {1ee7337f-85ac-45e2-a23c-37c753209769}\(Default) = Smartcard WinRT Provider -> {HKLM...CLSID} = Smartcard WinRT Provider \InProcServer32\(Default) = C:\WINDOWS\system32\SmartcardCredentialProvider.dll [MS] {50968FF7-10C1-4fb3-98B0-CD654D6CB97E}\(Default) = BtwCredentialProvider -> {HKLM...CLSID} = BtwCredentialProvider \InProcServer32\(Default) = c:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [Broadcom Corporation.] HKCU\Software\Classes\*\shellex\ContextMenuHandlers\ SkyDriveEx\(Default) = {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} -> {HKCU...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] -> {HKCU...Wow...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKCU...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ BoxContextMenuClient\(Default) = {94199c7e-c0d5-3ae4-8a40-eb1aa9b5cb9d} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] CLVDShellExt\(Default) = {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [Cyberlink] GDContextMenu\(Default) = {BB02B294-8425-42E5-983F-41A1FA970CD6} -> {HKLM...CLSID} = GDContextMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\contextmenu64.dll [Google] Incinerator\(Default) = {E8215BEA-3290-4C73-964B-75502B9B41B2} -> {HKLM...CLSID} = Incinerator Context Menu Handler \InProcServer32\(Default) = C:\WINDOWS\system32\Incinerator64.dll [iolo technologies, LLC] -> {HKLM...Wow...CLSID} = Incinerator Context Menu Handler \InProcServer32\(Default) = C:\WINDOWS\SysWow64\Incinerator32.dll [iolo technologies, LLC] IObitUnstaler\(Default) = {B19ED566-D419-470b-B111-3C89040BC027} -> {HKLM...CLSID} = IObitUnstaler Class \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [IObit] PhotoStreamsExt\(Default) = {89D984B3-813B-406A-8298-118AFA3A22AE} -> {HKLM...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [Apple Inc.] -> {HKLM...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll [Apple Inc.] PowerISO\(Default) = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} -> {HKLM...CLSID} = PowerISO \InProcServer32\(Default) = C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [Power Software Ltd] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM...CLSID} = MBAMShlExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [Malwarebytes Corporation] HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\ SkyDriveEx\(Default) = {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} -> {HKCU...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] -> {HKCU...Wow...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKCU...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] BoxContextMenuClient\(Default) = {94199c7e-c0d5-3ae4-8a40-eb1aa9b5cb9d} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] GDContextMenu\(Default) = {BB02B294-8425-42E5-983F-41A1FA970CD6} -> {HKLM...CLSID} = GDContextMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\contextmenu64.dll [Google] Incinerator\(Default) = {E8215BEA-3290-4C73-964B-75502B9B41B2} -> {HKLM...CLSID} = Incinerator Context Menu Handler \InProcServer32\(Default) = C:\WINDOWS\system32\Incinerator64.dll [iolo technologies, LLC] -> {HKLM...Wow...CLSID} = Incinerator Context Menu Handler \InProcServer32\(Default) = C:\WINDOWS\SysWow64\Incinerator32.dll [iolo technologies, LLC] IObitUnstaler\(Default) = {B19ED566-D419-470b-B111-3C89040BC027} -> {HKLM...CLSID} = IObitUnstaler Class \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [IObit] PowerISO\(Default) = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} -> {HKLM...CLSID} = PowerISO \InProcServer32\(Default) = C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [Power Software Ltd] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\ Monitor\(Default) = {7842554E-6BED-11D2-8CDB-B05550C10000} -> {HKLM...CLSID} = Monitor Class \InProcServer32\(Default) = c:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll [Broadcom Corporation.] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ SkyDriveEx\(Default) = {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} -> {HKCU...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll [MS] -> {HKCU...Wow...CLSID} = SkyDriveEx \InProcServer32\(Default) = C:\Users\Sonja\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll [MS] DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKCU...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Sonja\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} -> {HKLM...CLSID} = GraphicsShellExt Class \InProcServer32\(Default) = C:\WINDOWS\system32\igfxpph.dll [Intel Corporation] NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\WINDOWS\system32\nvshext.dll [NVIDIA Corporation] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ IObitUnstaler\(Default) = {B19ED566-D419-470b-B111-3C89040BC027} -> {HKLM...CLSID} = IObitUnstaler Class \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [IObit] MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM...CLSID} = MBAMShlExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [Malwarebytes Corporation] PowerISO\(Default) = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} -> {HKLM...CLSID} = PowerISO \InProcServer32\(Default) = C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [Power Software Ltd] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions\ NoExtensionManagement = (REG_DWORD) dword:0x00000000 {Computer Configuration|Administrative Templates|Windows Components|Internet Explorer| Do not allow users to enable or disable add-ons} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ EnableCursorSuppression = (REG_DWORD) dword:0x00000001 {unrecognized setting} EnableSecureUIAPath = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\WINDOWS\system32\PhotoScreensaver.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ CyberLink Media Suite10HandleCDBurningOnArrival\ Provider = Media Suite 10 InvokeProgID = BlankCD InvokeVerb = PlayWithCyberLink Media Suite10 HKLM\SOFTWARE\Classes\BlankCD\shell\PlayWithCyberLink Media Suite10\Command\(Default) = "c:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] CyberLink Media Suite10HandleDVDBurningOnArrival\ Provider = Media Suite 10 InvokeProgID = BlankDVD InvokeVerb = PlayWithCyberLink Media Suite10 HKLM\SOFTWARE\Classes\BlankDVD\shell\PlayWithCyberLink Media Suite10\Command\(Default) = "c:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] CyberLink Media Suite10MixedContentOnArrival\ Provider = Media Suite 10 InvokeProgID = MixedContent InvokeVerb = PlayWithCyberLink Media Suite10 HKLM\SOFTWARE\Classes\MixedContent\shell\PlayWithCyberLink Media Suite10\Command\(Default) = "c:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] CyberLink Media Suite10PlayMusicFilesOnArrival\ Provider = Media Suite 10 InvokeProgID = MusicFiles InvokeVerb = PlayWithCyberLink Media Suite10 HKLM\SOFTWARE\Classes\MusicFiles\shell\PlayWithCyberLink Media Suite10\Command\(Default) = "c:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] CyberLink Media Suite10PlayVideoFilesOnArrival\ Provider = Media Suite 10 InvokeProgID = VideoFiles InvokeVerb = PlayWithCyberLink Media Suite10 HKLM\SOFTWARE\Classes\VideoFiles\shell\PlayWithCyberLink Media Suite10\Command\(Default) = "c:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] CyberLink Media Suite10ShowPicturesOnArrival\ Provider = Media Suite 10 InvokeProgID = Picture InvokeVerb = PlayWithCyberLink Media Suite10 HKLM\SOFTWARE\Classes\Picture\shell\PlayWithCyberLink Media Suite10\Command\(Default) = "c:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] iTunesBurnCDOnArrival\ Provider = iTunes InvokeProgID = iTunes.BurnCD InvokeVerb = burn HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.] iTunesImportSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ImportSongsOnCD InvokeVerb = import HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.] iTunesPlaySongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.PlaySongsOnCD InvokeVerb = play HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.] iTunesShowSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ShowSongsOnCD InvokeVerb = showsongs HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.] MSFhConfigBackup\ Provider = @C:\WINDOWS\system32\fhautoplay.dll,-100 InvokeProgID = FHConfig.AutoPlayHandler InvokeVerb = config HKLM\SOFTWARE\Classes\FHConfig.AutoPlayHandler\shell\config\command\(Default) = fhmanagew -autoplay [MS] MSLiveShowPicturesOnArrival\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPromptEachTime\ Provider = @C:\WINDOWS\system32\shell32.dll,-17411 ProgID = Shell.Autoplay InitCmdLine = PromptEachTime HKLM\SOFTWARE\Classes\Shell.Autoplay\CLSID\(Default) = {995C996E-D918-4a8c-A302-45719A6F4EA7} -> {HKLM...CLSID} = Shell Hardware Mixed Content Handler \LocalServer32\(Default) = C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} [MS] MSPromptEachTimeNoContent\ Provider = @C:\WINDOWS\system32\shell32.dll,-17411 ProgID = Shell.Autoplay InitCmdLine = PromptEachTimeNoContent HKLM\SOFTWARE\Classes\Shell.Autoplay\CLSID\(Default) = {995C996E-D918-4a8c-A302-45719A6F4EA7} -> {HKLM...CLSID} = Shell Hardware Mixed Content Handler \LocalServer32\(Default) = C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] PDirDVArrival\ Provider = PowerDirector ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe" /DV HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] PDVD10PlayCDAudioOnArrival\ Provider = PowerDVD InvokeProgID = AudioCD InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPowerDVD10\Command\(Default) = "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe" "%L" [CyberLink Corp.] PDVD10PlayDVDMovieOnArrival\ Provider = PowerDVD InvokeProgID = DVD InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\DVD\shell\PlayWithPowerDVD10\Command\(Default) = "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe" "%L" [CyberLink Corp.] PDVD10PlaySVCDOnArrival\ Provider = PowerDVD InvokeProgID = SVCD InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\SVCD\shell\PlayWithPowerDVD10\Command\(Default) = "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe" "%L" [CyberLink Corp.] PDVD10PlayVCDMovieOnArrival\ Provider = PowerDVD InvokeProgID = VCD InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\VCD\shell\PlayWithPowerDVD10\Command\(Default) = "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe" "%L" [CyberLink Corp.] PhotoDirector3.0ShowPicturesOnArrival\ Provider = PhotoDirector 3 InvokeProgID = Picture InvokeVerb = PlayWithPhotoDirector3.0 HKLM\SOFTWARE\Classes\Picture\shell\PlayWithPhotoDirector3.0\Command\(Default) = "c:\Program Files (x86)\CyberLink\PhotoDirector\PhotoDirector3.exe" -importDlg "%L" [CyberLink Corp.] Picasa2ImportPicturesOnArrival\ Provider = Picasa3 InvokeProgID = picasa2.autoplay InvokeVerb = import HKLM\SOFTWARE\Classes\picasa2.autoplay\shell\import\command\(Default) = "C:\Program Files (x86)\Google\Picasa3\Picasa3.exe" "%1" [Google Inc.] Power2Go8.0HandleBDBurningOnArrival\ Provider = Power2Go 8 InvokeProgID = BlankBD InvokeVerb = PlayWithPower2Go8.0 HKLM\SOFTWARE\Classes\BlankBD\shell\PlayWithPower2Go8.0\Command\(Default) = "c:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe" "%L" [CyberLink Corp.] Power2Go8.0HandleCDBurningOnArrival\ Provider = Power2Go 8 InvokeProgID = BlankDVD InvokeVerb = PlayWithPower2Go8.0 HKLM\SOFTWARE\Classes\BlankDVD\shell\PlayWithPower2Go8.0\Command\(Default) = "c:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe" "%L" [CyberLink Corp.] Power2Go8.0PlayCDAudioOnArrival\ Provider = Power2Go 8 InvokeProgID = AudioCD InvokeVerb = PlayWithPower2Go8.0 HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPower2Go8.0\Command\(Default) = "c:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe" /AudioRipper "%L" [CyberLink Corp.] Startup items in "Sonja" & "All Users" startup folders: ------------------------------------------------------- C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++} Dropbox -> shortcut to: C:\Users\Sonja\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [Dropbox, Inc.] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp {++} AVer HID Receiver -> shortcut to: C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe [null data] Install LastPass FF RunOnce -> shortcut to: C:\Program Files (x86)\Common Files\lpuninstall.exe -q -name=LastPass -ffuuid support@lastpass.com [null data] Install LastPass IE RunOnce -> shortcut to: C:\Program Files (x86)\Common Files\lpuninstall.exe -p -name=LastPass -ffuuid support@lastpass.com [null data] Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks Adobe Acrobat Update Task -> launches: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [Adobe Systems Incorporated] Adobe Flash Player Updater -> launches: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated] CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] CLMLSvc_P2G8 -> (HIDDEN!) launches: c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [CyberLink] CLVDLauncher -> (HIDDEN!) launches: c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [CyberLink Corp.] FileAdvisorCheck -> launches: "C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe" /modify=1 /verysilent /suppressmsgboxes /nocancel /norestart [ ] FileAdvisorUpdate -> launches: "C:\Program Files (x86)\File Type Advisor\fileadvisor.exe" /updateprogram [File Type Advisor] GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] HPCustParticipation HP ENVY 4500 series -> launches: "C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe" /UA 12.5 /DDV 0x0b00 [Hewlett-Packard Development Company, LP] iolo Process Governor -> launches: C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [iolo technologies, LLC] IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 -> launches: C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic [null data] IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon -> launches: "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" --automatic [null data] Microsoft Office 15 Sync Maintenance for SONJA-Sonja Sonja -> launches: C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [MS] MirageAgent -> (HIDDEN!) launches: C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [CyberLink] Optimize Start Menu Cache Files-S-1-5-21-4182331514-222226932-2793567021-1002 -> launches: {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\System32\twinapi.dll [MS] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\SysWOW64\twinapi.dll [MS] Optimize Start Menu Cache Files-S-1-5-21-4182331514-222226932-2793567021-1005 -> launches: {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\System32\twinapi.dll [MS] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\SysWOW64\twinapi.dll [MS] SmartDefrag4_Update -> launches: C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe /autorun [file not found] Uninstaller_SkipUac_Administrator -> launches: C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer [IObit] Uninstaller_SkipUac_Paul -> launches: "C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe" /UninstallExplorer [IObit] Uninstaller_SkipUac_Sonja -> launches: "C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe" /UninstallExplorer [IObit] User_Feed_Synchronization-{172F16A2-59EB-45A4-A698-675688C853A2} -> (HIDDEN!) launches: C:\WINDOWS\system32\msfeedssync.exe sync [MS] {F174C62D-6EBE-4022-AB0A-C5C47F32C298} -> launches: C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Sonja\De sims 3 power 2 Go\__Installer\ISSetupHelper.exe" -d "C:\Users\Sonja\De sims 3 power 2 Go\__Installer" [MS] C:\Windows\System32\Tasks\Apple AppleSoftwareUpdate -> launches: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.] C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant HP Support Assistant Quick Start -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart [null data] PC Health Analysis -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis [null data] PC Tuneup -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L TuneupTimer [null data] Update Check -> launches: C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe /s /p 1 [null data] WarrantyChecker_CN4A7142VC -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /ForDevice:CN4A7142VC [null data] WarrantyChecker_DeviceScan -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 [null data] C:\Windows\System32\Tasks\Microsoft\Office Office Automatic Updates -> launches: C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False [MS] Office ClickToRun Service Monitor -> launches: C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /WatchService [MS] C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework .NET Framework NGEN v4.0.30319 -> (HIDDEN!) launches: {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] .NET Framework NGEN v4.0.30319 64 -> (HIDDEN!) launches: {429BC048-379E-45E0-80E4-EB1977941B5C} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\AppID SmartScreenSpecific -> launches: {9f2b0085-9218-42a1-88b0-9f0e65851666} -> {HKLM...CLSID} = Windows SmartScreen Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\apprepsync.dll [MS] -> {HKLM...Wow...CLSID} = Windows SmartScreen Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\apprepsync.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent /increment [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] StartupAppTask -> launches: %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows\ApplicationData CleanupTemporaryState -> launches: %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Chkdsk ProactiveScan -> launches: {cf4270f5-2e43-4468-83b3-a8c45bb33ea1} -> {HKLM...CLSID} = Proactive Scan \InProcServer32\(Default) = C:\Windows\System32\pstask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program BthSQM -> (HIDDEN!) launches: {c8367320-6f85-11e0-a1f0-0800200c9a66} -> {HKLM...CLSID} = BthSQM \InProcServer32\(Default) = C:\WINDOWS\System32\BthSQM.dll [MS] Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\kernelceip.dll [MS] Uploader -> launches: %windir%\system32\WSqmCons.exe -u [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\WINDOWS\System32\usbceip.dll [MS] -> {HKLM...Wow...CLSID} = UsbCeip \InProcServer32\(Default) = C:\WINDOWS\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan Data Integrity Scan for Crash Recovery -> (HIDDEN!) launches: {DCFD3EA8-D960-4719-8206-490AE315F94F} -> {HKLM...CLSID} = Data Integrity Scan \InProcServer32\(Default) = C:\Windows\System32\discan.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -h -o -$ [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Device Setup Metadata Refresh -> (HIDDEN!) launches: {23C1F3CF-C110-4512-ACA9-7B6174ECE888} -> {HKLM...CLSID} = DsmRefreshTask Class \InProcServer32\(Default) = C:\WINDOWS\System32\DeviceSetupManagerAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\DiskCleanup SilentCleanup -> launches: %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive% [MS] C:\Windows\System32\Tasks\Microsoft\Windows\DiskFootprint Diagnostics -> launches: {5b6b6834-34f0-49b9-ad4e-81d4994c7a74} -> {HKLM...CLSID} = Disk Footprint Diagnostics Task \InProcServer32\(Default) = C:\WINDOWS\system32\DfpCommon.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\FileHistory File History (maintenance mode) -> launches: {89917B7C-A1A6-11DF-8BF6-18A90531A85A} -> {HKLM...CLSID} = FhTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\fhtask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance WinSAT -> launches: A9A33436-678B-4c9c-A211-7CC38785E79D -> {HKLM...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\WINDOWS\system32\WinSATAPI.dll [MS] -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\WINDOWS\system32\WinSATAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic ProcessMemoryDiagnosticEvents -> (HIDDEN!) launches: {8168e74a-b39f-46d8-adcd-7bed477b80a3} -> {HKLM...CLSID} = MemoryDiagnosticTaskHandler \InProcServer32\(Default) = C:\WINDOWS\System32\MemoryDiagnostic.dll [MS] RunFullMemoryDiagnostic -> (HIDDEN!) launches: {8168e74a-b39f-46d8-adcd-7bed477b80a3} -> {HKLM...CLSID} = MemoryDiagnosticTaskHandler \InProcServer32\(Default) = C:\WINDOWS\System32\MemoryDiagnostic.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts MNO Metadata Parser -> launches: %SystemRoot%\System32\MbaeParserTask.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\MUI Lpksetup -> launches: C:\WINDOWS\System32\lpksetup.exe -v [MS] LPRemove -> launches: %windir%\system32\lpremove.exe [MS] Mcbuilder -> launches: C:\WINDOWS\System32\mcbuilder.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\WINDOWS\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\WINDOWS\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetCfg BindingWorkItemQueueHandler -> launches: {5AA199A0-1CED-43A5-9B85-3226086738A3} -> {HKLM...CLSID} = Binding Engine Task Handler \InProcServer32\(Default) = C:\Windows\System32\netcfgx.dll [MS] -> {HKLM...Wow...CLSID} = Binding Engine Task Handler \InProcServer32\(Default) = C:\Windows\SysWOW64\netcfgx.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\PerfTrack BackgroundConfigSurveyor -> (HIDDEN!) launches: {EA9155A3-8A39-40B4-8963-D3C761B18371} -> {HKLM...CLSID} = PerfTrack TaskHandler class \InProcServer32\(Default) = C:\Windows\System32\perftrack.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\PI Secure-Boot-Update -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] Sqm-Tasks -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play Device Install Group Policy -> (HIDDEN!) launches: {60400283-b242-4fa8-8c25-caf695b88209} -> {HKLM...CLSID} = Device Installation Group Policy Task Handler \InProcServer32\(Default) = C:\Windows\System32\pnppolicy.dll [MS] Device Install Reboot Required -> (HIDDEN!) launches: {48794782-6a1f-47b9-bd52-1d5f95d49c1b} -> {HKLM...CLSID} = Device Installation Reboot Dialog Task \InProcServer32\(Default) = C:\Windows\System32\pnpui.dll [MS] Plug and Play Cleanup -> launches: {DEF03232-9688-11E2-BE7F-B4B52FD966FF} -> {HKLM...CLSID} = Plug and Play Maintenance Task \InProcServer32\(Default) = C:\Windows\System32\pnpclean.dll [MS] Sysprep Generalize Drivers -> launches: %SystemRoot%\System32\drvinst.exe 6 [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: {927ea2af-1c54-43d5-825e-0074ce028eee} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\WINDOWS\System32\energytask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\WINDOWS\system32\RacEngn.dll [MS] -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\WINDOWS\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\WINDOWS\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\WINDOWS\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemovalTools MRT_HB -> launches: C:\WINDOWS\system32\MRT.exe /EHB /Q [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Servicing StartComponentCleanup -> launches: 752073A1-23F2-4396-85F0-8FDB879ED0ED [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync BackgroundUploadTask -> (HIDDEN!) launches: {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} -> {HKLM...CLSID} = Delayed Background Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Delayed Background Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] BackupTask -> (HIDDEN!) launches: {60A4C78C-E2B8-4E6E-876F-DA203B02C05E} -> {HKLM...CLSID} = Backup Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Backup Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] NetworkStateChangeTask -> (HIDDEN!) launches: {A4173A49-F373-4475-9A0F-2D615204DC20} -> {HKLM...CLSID} = Network State Change Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Network State Change Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx launchtrayprocess -> launches: %windir%\system32\GWX\GWX.exe /tasklaunch [MS] refreshgwxconfig -> launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig [MS] refreshgwxcontent -> launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent [MS] runappraiser -> launches: %windir%\system32\GWX\GWXConfigManager.exe /RunAppraiser [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Shell CreateObjectTask -> (HIDDEN!) launches: {990a9f8f-301f-45f7-8d0e-68c5952dba43} -> {HKLM...CLSID} = Shell Create Object Task Delegate \InProcServer32\(Default) = C:\WINDOWS\system32\shell32.dll [MS] -> {HKLM...Wow...CLSID} = Shell Create Object Task Delegate \InProcServer32\(Default) = C:\WINDOWS\system32\shell32.dll [MS] FamilySafetyMonitor -> launches: %windir%\System32\wpcmon.exe [MS] FamilySafetyRefresh -> launches: {EBF00FCB-0769-4b81-9BEC-6C05514111AA} -> {HKLM...CLSID} = FamilySafety.WebSync \InProcServer32\(Default) = C:\Windows\System32\WpcWebSync.dll [MS] IndexerAutomaticMaintenance -> launches: {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} -> {HKLM...CLSID} = Automatic Maintenance task to enable Windows Search to make progress while in Connected Standby \InProcServer32\(Default) = C:\WINDOWS\System32\srchadmin.dll [MS] -> {HKLM...Wow...CLSID} = Automatic Maintenance task to enable Windows Search to make progress while in Connected Standby \InProcServer32\(Default) = C:\WINDOWS\System32\srchadmin.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SkyDrive Idle Sync Maintenance Task -> launches: {bf6c1e47-86ec-4194-9ce5-13c15dcb2001} [InProcServer32 entry not found] Routine Maintenance Task -> launches: {1b1f472e-3221-4826-97db-2c2324d389ae} [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform SvcRestartTask -> (HIDDEN!) launches: {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} -> {HKLM...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] -> {HKLM...Wow...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SpacePort SpaceAgentTask -> launches: %windir%\system32\SpaceAgent.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain WsSwapAssessmentTask -> launches: %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\WINDOWS\system32\wdc.dll [MS] -> {HKLM...Wow...CLSID} = RunTask \InProcServer32\(Default) = C:\WINDOWS\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TaskScheduler Idle Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Maintenance Configurator -> launches: {645E29EA-4B0A-464C-8B7D-1A6B9F9D92A8} -> {HKLM...CLSID} = Maintenance Configurator \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Manual Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Regular Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\WINDOWS\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\WINDOWS\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization ForceSynchronizeTime -> launches: {A31AD6C2-FF4C-43D4-8E90-7101023096F9} -> {HKLM...CLSID} = Time Synchronization Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TimeSyncTask.dll [MS] SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Zone SynchronizeTimeZone -> launches: %windir%\system32\tzsync.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TPM Tpm-Maintenance -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Defender Windows Defender Cache Maintenance -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance [MS] Windows Defender Cleanup -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup [MS] Windows Defender Scheduled Scan -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob [MS] Windows Defender Verification -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup ConfigNotification -> launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate AUSessionConnect -> launches: {784E29F4-5EBE-4279-9948-1E8FE941646D} [InProcServer32 entry not found] Scheduled Start -> launches: C:\WINDOWS\system32\sc.exe start wuauserv [MS] Scheduled Start With Network -> launches: C:\WINDOWS\system32\sc.exe start wuauserv [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\WINDOWS\system32\wininet.dll [MS] -> {HKLM...Wow...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\WINDOWS\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WOF WIM-Hash-Management -> launches: {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} -> {HKLM...CLSID} = WOF Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\WofTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders Work Folders Logon Synchronization -> launches: {97d47d56-3777-49fb-8e8f-90d7e30e1a1e} -> {HKLM...CLSID} = Work Folder Logon Trigger Class \InProcServer32\(Default) = C:\Windows\System32\WorkFoldersShell.dll [MS] Work Folders Maintenance Work -> launches: {63260bce-a3fb-4a34-aa51-d4d8e877b62b} -> {HKLM...CLSID} = Work Folder Maintenance Task Class \InProcServer32\(Default) = C:\Windows\System32\WorkFoldersShell.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WS Badge Update -> launches: {00CCDDF6-5107-424D-853D-3907AE5502DC} -> {HKLM...CLSID} = WinStore Tile Badge Updater \InProcServer32\(Default) = C:\WINDOWS\winstore\WinStoreUI.dll [MS] License Validation -> (HIDDEN!) launches: rundll32.exe WSClient.dll,WSpTLR licensing [MS] Sync Licenses -> launches: {10F591BE-3C84-418A-86DD-BAA002E2F36E} -> {HKLM...CLSID} = WinStore License Sync task \InProcServer32\(Default) = C:\WINDOWS\winstore\WinStoreUI.dll [MS] WSRefreshBannedAppsListTask -> (HIDDEN!) launches: rundll32.exe WSClient.dll,RefreshBannedAppsList [MS] WSTask -> launches: {E52C9A25-F3E8-49E4-BAA7-FAD0EF620129} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\WINDOWS\System32\WSService.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1} -> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-4182331514-222226932-2793567021-1002 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] SqmUpload_S-1-5-21-4182331514-222226932-2793567021-1005 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = C:\Program Files (x86)\Bonjour\mdnsNSP.dll [Apple Inc.] 000000000008\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.] 000000000008\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided) -> {HKLM...CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\ {9F6B5CC3-5C7B-4B5C-97AF-19DEC1E380E5} = LastPass Toolbar -> {HKLM...Wow...CLSID} = LastPass Toolbar \InProcServer32\(Default) = C:\Program Files (x86)\LastPass\LPToolbar.dll [LastPass] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {22CC3EBD-C286-43AA-B8E6-06B115F74162}\ ButtonText = HP Smart Print MenuText = HP Smart Print Exec = C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe [Hewlett-Packard] {25510184-5A38-4A99-B273-DCA8EEF6CD08}\ ButtonText = @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 MenuText = @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 Exec = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe [null data] {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Send to OneNote MenuText = Se&nd to OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll [MS] {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ ButtonText = Lync Click to Call MenuText = Lync Click to Call CLSIDExtension = {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> {HKLM...CLSID} = Lync Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] {43699CD0-E34F-11DE-8A39-0800200C9A66}\ ButtonText = LastPass MenuText = LastPass CLSIDExtension = {95D9ECF5-2A4D-4550-BE49-70D42F71296E} {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = OneNote Lin&ked Notes MenuText = OneNote Lin&ked Notes CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {25510184-5A38-4A99-B273-DCA8EEF6CD08}\ ButtonText = @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 MenuText = @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 Exec = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe [null data] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated] AllShare Framework DMS, AllShare Framework DMS, C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [Samsung] Apple Mobile Device Service, Apple Mobile Device Service, "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.] AppX Deployment Service (AppXSVC), AppXSvc, C:\WINDOWS\system32\svchost.exe -k wsappx {C:\WINDOWS\system32\appxdeploymentserver.dll [MS]} AVerScheduleService, AVerScheduleService, c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [null data] Bluetooth Service, btwdins, "c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe" [Broadcom Corporation.] Bonjour Service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.] BrcmSetSecurity, BrcmSetSecurity, "C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe" [Intel] Fitbit Connect Service, Fitbit Connect, C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [Fitbit, Inc.] HP Support Assistant Service, HP Support Assistant Service, "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [null data] HP Support Solutions Framework Service, HPSupportSolutionsFrameworkService, "C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe" [null data] Hulpservice voor toepassingshost, AppHostSvc, C:\WINDOWS\system32\svchost.exe -k apphost {C:\WINDOWS\system32\inetsrv\apphostsvc.dll [MS]} Intel(R) Capability Licensing Service Interface, Intel(R) Capability Licensing Service Interface, "c:\Program Files\Intel\iCLS Client\HeciServer.exe" [Intel(R) Corporation] Intel(R) Dynamic Application Loader Host Interface Service, jhi_service, "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [Intel Corporation] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS, ICCS, "C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe" [Intel Corporation] Intel(R) ME Service, Intel(R) ME Service, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [Intel Corporation] Internet Connection Sharing (ICS), SharedAccess, C:\WINDOWS\System32\svchost.exe -k netsvcs {C:\WINDOWS\System32\ipnathlp.dll [MS]} iolo System Service, ioloSystemService, "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" [iolo technologies, LLC] iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.] LiveUpdate, LiveUpdateSvc, C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [IObit] Microsoft Office ClickToRun Service, ClickToRunSvc, "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service [MS] Monitor Virutal Wlan Secvice, MS_Virtual_Monitor, C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\CppWindowsService.exe [null data] Network Connection Broker, NcbService, C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted {C:\WINDOWS\System32\ncbservice.dll [MS]} NVIDIA Display Driver Service, nvsvc, "C:\WINDOWS\system32\nvvsvc.exe" [NVIDIA Corporation] NVIDIA GeForce Experience Service, GfExperienceService, "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" [NVIDIA Corporation] NVIDIA Network Service, NvNetworkService, "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" [NVIDIA Corporation] NVIDIA Stereoscopic 3D Driver Service, Stereo Service, "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [NVIDIA Corporation] NVIDIA Streamer Service, NvStreamSvc, "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" [NVIDIA Corporation] Realtek Audio Service, RtkAudioService, C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [Realtek Semiconductor] Samsung Link Service, Samsung Link Service, "C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" [Copyright 2013 SAMSUNG] Windows Defender Network Inspection Service, WdNisSvc, "C:\Program Files\Windows Defender\NisSrv.exe" [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> IMFservice, Service <> ioloSystemService, Service <> SystemEventsBroker, Service <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> AmmyyAdmin, Service <> ioloSystemService, Service <> StartMenuService, <> str, service <> SystemEventsBroker, Service <> PEVSystemStart, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ Canon BJ Language Monitor MG5200 series\Driver = CNMLMAE.DLL [CANON INC.] Canon BJ Language Monitor MG5200 series XPS\Driver = CNMXLMAE.DLL [CANON INC.] Canon BJNP Port\Driver = CNMN6PPM.DLL [CANON INC.] gcp_portmon64.dll\Driver = gcp_portmon64.dll [Google Inc.] HP C511 Status Monitor\Driver = hpinkstsC511LM.dll [Hewlett-Packard Co.] HP Discovery Port Monitor (HP ENVY 4500 series)\Driver = HPDiscoPMC511.dll [Hewlett-Packard Development Company, LP] HP Universal Port Monitor\Driver = hpbprtmon.dll [Hewlett-Packard] ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Paul\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Paul\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache\IE\1SMBN4MU will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Sonja\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3068 folders=314 10929840209 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\Paul\AppData\Local\Temp emptied successfully C:\Users\Sonja\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Sonja\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not deleted "C:\Users\Sonja\AppData\Local\Microsoft\Windows\INetCache\IE\1SMBN4MU" not found ==== EOF on zo 12/04/2015 at 12:23:52,62 ======================