Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Tanya on ma 25/05/2015 at 23:44:07,59. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Tanya\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\svchost.exe -k utcsvc C:\Windows\system32\lxcrcoms.exe C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe C:\Windows\system32\taskeng.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Alwil Software\Avast5\avastui.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe C:\Users\Tanya\Documents\Yves\Steam\Steam.exe C:\Users\Tanya\Documents\Yves\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Users\Tanya\Documents\Yves\Steam\bin\steamwebhelper.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\AUDIODG.EXE C:\Users\Tanya\Downloads\zoek.exe C:\Windows\system32\conhost.exe ==== System Restore Info ====================== 25/05/2015 23:48:53 Zoek.exe System Restore Point Created Successfully. ==== Windows Installer Info ====================== Activation Assistant for the 2007 Microsoft Office suites [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9CE2AD5624609E74AA2E5B62A71AD457]C:\Windows\Installer\2fcd6.msi Adobe Reader XI (11.0.11) - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B744BA0000000010]C:\Windows\Installer\b4dbba3.msi Adobe Refresh Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA408033019195008120111403]C:\Windows\Installer\3ef47.msi Alcor Micro USB Card Reader [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\988D22A5DDBF8EA468CE80D954CF31E3]C:\Windows\Installer\14ec9.msi ASUS AI Recovery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\20B58560D02F2BA4A94668FEA20E8F0F]C:\Windows\Installer\2fce2.msi ASUS CopyProtect [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F7A77B636DD31F46AFF3831A7A53C45]C:\Windows\Installer\14f0b.msi ASUS Data Security Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5C2902AF9797D2149A26465872A41EEE]C:\Windows\Installer\14f05.msi ASUS FancyStart [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B8166D06F3513534185809E876E68588]C:\Windows\Installer\14f1b.msi ASUS LifeFrame3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21F1DBD139DE0C947ACC65BCED841885]C:\Windows\Installer\14ee7.msi ASUS Power4Gear Hybrid [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D4C6861DF1B8E247B8ABFC4D4ABB58A]C:\Windows\Installer\14ee1.msi ASUS SmartLogon [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16525446F96163A42AFF5B1E81CE565F]C:\Windows\Installer\14ef3.msi ASUS Splendid Video Enhancement Technology [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\50FA96906FF400C4496034952983EDD0]C:\Windows\Installer\14eff.msi ASUS Virtual Camera [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F12DB8CE0AC0FBB4799DA4253B00141A]C:\Windows\Installer\14eed.msi ATK Hotkey [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D29550C7B424BC645B500E10E3E8579C]C:\Windows\Installer\14ecf.msi ATK Media [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E0785E1D5E3E5744896ADA6D4125A4FD]C:\Windows\Installer\14edb.msi ATKOSD2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BF2F50B3B5472104DA2F34F9632B7EB0]C:\Windows\Installer\14ed5.msi Belgium e-ID middleware 4.0.7 (build 7466) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED365428DA576614D90C6B84F2024766]C:\Windows\Installer\125b1c06.msi ControlDeck [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46FE56B5AFD1A414C849B77B6251E812]C:\Windows\Installer\2fce8.msi D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\626f7.msi Fast Boot [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3F7A4F31CBAE1624FAB6317177F77055]C:\Windows\Installer\2fcdc.msi Feedback Tool [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\587E5A317915DAE4E83E6D0672E194CB]C:\Windows\Installer\76032b1.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\5705390.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\Windows\Installer\123306ac.msi Java 8 Update 31 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208130F]C:\Windows\Installer\2c1c2d.msi Junk Mail filter update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E]C:\Windows\Installer\6276a.msi LabelPrint [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C971C95CD8669A946BAE1012CCCF2134]C:\Windows\Installer\2fcf2.msi Mesh Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6116D6C8427B0184F8D20D746E7B6DE8]C:\Windows\Installer\628e1.msi Messenger Companion [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E52D2418A820365468DE755587C30892]C:\Windows\Installer\6291d.msi Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDE7F2BCF1D91C3409CFF425AE1E271A]C:\Windows\Installer\2a40e08.msi Microsoft .NET Framework 4.5.2 (NLD) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8AF4F1DAFA56CAE32AA7BB802E86B62E]C:\Windows\Installer\a75c7e2.msi Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6414876250E69FF3395387C6C7F05BEB]C:\Windows\Installer\bd4e0.msi Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\Windows\Installer\22d0d.msi Microsoft Office Access MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109510031400000000000F01FEC]C:\Windows\Installer\1df06a.msi Microsoft Office Excel MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109610031400000000000F01FEC]C:\Windows\Installer\1df015.msi Microsoft Office File Validation Add-In [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109500200000000000000F01FEC]C:\Windows\Installer\8fe9e.msi Microsoft Office Groove MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109AB0031400000000000F01FEC]C:\Windows\Installer\1df029.msi Microsoft Office InfoPath MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109440031400000000000F01FEC]C:\Windows\Installer\1df02f.msi Microsoft Office Live Add-in 1.5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7CEBB04F4A2C00A4B942A750A5C22526]C:\Windows\Installer\15367b.msi Microsoft Office Live Add-in Patches [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A9A7DCD8B0B848145A7D4CDBAA137C05]C:\Windows\Installer\252e000.msi Microsoft Office Office 64-bit Components 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A20000000100000000F01FEC]C:\Windows\Installer\1df077.msi Microsoft Office OneNote MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021091A0031400000000000F01FEC]C:\Windows\Installer\1df070.msi Microsoft Office Outlook Connector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004159A70031400000000000F01FEC]C:\Windows\Installer\62930.msi Microsoft Office Outlook MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10031400000000000F01FEC]C:\Windows\Installer\1df01c.msi Microsoft Office PowerPoint MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109810031400000000000F01FEC]C:\Windows\Installer\1df023.msi Microsoft Office Proof (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10031400000000000F01FEC]C:\Windows\Installer\1df03b.msi Microsoft Office Proof (English) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10090400000000000F01FEC]C:\Windows\Installer\1df04f.msi Microsoft Office Proof (French) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F100C0400000000000F01FEC]C:\Windows\Installer\1df048.msi Microsoft Office Proof (German) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10070400000000000F01FEC]C:\Windows\Installer\1df041.msi Microsoft Office Proofing (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109C20031400000000000F01FEC]C:\Windows\Installer\1df055.msi Microsoft Office Publisher MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109910031400000000000F01FEC]C:\Windows\Installer\1df05c.msi Microsoft Office Shared 64-bit MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A20031400100000000F01FEC]C:\Windows\Installer\1df035.msi Microsoft Office Shared MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109E60031400000000000F01FEC]C:\Windows\Installer\1df00f.msi Microsoft Office Ultimate 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002119E20000000000000000F01FEC]C:\Windows\Installer\1df080.msi Microsoft Office Word MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109B10031400000000000F01FEC]C:\Windows\Installer\1df063.msi Microsoft Save as PDF Add-in for 2007 Microsoft Office programs [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021090B0090400000000000F01FEC]C:\Windows\Installer\1866d8e.msi Microsoft Search Enhancement Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8E8B8FFC680E0ED439F5EF22AC5BF408]C:\Windows\Installer\62635.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]C:\Windows\Installer\14b67c0.msi Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\Windows\Installer\22d50.msi Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D756077321A70C3E844C138CE981581]C:\Windows\Installer\1c2dcc5.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\Windows\Installer\20c184d.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9eab5ec6ac3d99b498a1d16c1c815acf]C:\Windows\Installer\20c1840.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\4aaa4.msi Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E5D9D200AB92D6E3B94CD3D7D6CB37C5]C:\Windows\Installer\9a4a21.msi Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E58EC68CABDDFF39B774E7BF9389C90]C:\Windows\Installer\87ca4.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]C:\Windows\Installer\9a8517.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]C:\Windows\Installer\20c1846.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]C:\Windows\Installer\29622cf.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\1826ca4.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\6c286.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\4aafb.msi Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]C:\Windows\Installer\1cbb7ae.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\1b7b5b8.msi Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C9F8B73BF303523781852719CD9C700]C:\Windows\Installer\1b8a65c.msi Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3AEB2FCAE628F23AAB933F1E743AB79]C:\Windows\Installer\1b8a656.msi Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C025571B2A687A53689168CD7369889B]C:\Windows\Installer\1b8a650.msi Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC8A59DBF9D1DA5389A1E3975220E6BB]C:\Windows\Installer\1b8a64a.msi MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\626ed.msi MSVCRT_amd64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\52744B0D6663D294EB6F85A741DBB99D]C:\Windows\Installer\6276e.msi MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]C:\Windows\Installer\5a752.msi MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]C:\Windows\Installer\5b253.msi paint.net [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\33C2DB918A611DE49BAE9D3EB512CE24]C:\Windows\Installer\b940cd.msi Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\598A4D02C84788D478C1DF1B96B51096]C:\Windows\Installer\14ec4.msi Power2Go [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E1FB04BE028D11795C00905C206085]C:\Windows\Installer\19b27ba.msi ScanSoft OmniPage SE 4.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A396E1C5D1BDCD46BD8027838B51748]C:\Windows\Installer\360d53.msi Security Update for CAPICOM (KB931906) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9F2FDFE0D6387BE43AD230B83D1FBFA2]C:\Windows\Installer\5a74b.msi SkypeT 7.4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0AB19942EE0FDA44C98CE55CA0CE6F7B]C:\Windows\Installer\4409d9e.msi swMSM [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C43C21609E58D74B9C5F017D78D7262]C:\Windows\Installer\12d406.msi VC80CRTRedist - 8.0.50727.6195 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5104B339816461748A822598CF3061F5]C:\Windows\Installer\e43fc.msi Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\Windows\Installer\62709.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B53C70A248384AD4A95944B2C6980A37]C:\Windows\Installer\628f1.msi Windows Live Family Safety [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6658C22B225D04B47AFA25F5A5078D23]C:\Windows\Installer\62919.msi Windows Live Family Safety [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EBF5A643BDA39441ACC4BFCDF422DA6]C:\Windows\Installer\626a8.msi Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26ABA8B10F47DE741BC84A13825E198B]C:\Windows\Installer\62686.msi Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\Windows\Installer\626d6.msi Windows Live Language Selector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC3F6BE54F64F1540A82F7D6D8537D0D]C:\Windows\Installer\6268e.msi Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A563885D93EA72F4DBEA4B7EC2E809C0]C:\Windows\Installer\62901.msi Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A57765D93F393A44082948E08362ED03]C:\Windows\Installer\627c6.msi Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C55EC23CAB21159478799076DFFE55F6]C:\Windows\Installer\62911.msi Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A3414F312C911046897B31C10C48668]C:\Windows\Installer\62915.msi Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7BCDCEDCC85568419FA26F77989EF84]C:\Windows\Installer\628e5.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\624365A647436C148B74243BF941582B]C:\Windows\Installer\628f9.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\884FD4BEFEAAF6043A14BCA2AA13B509]C:\Windows\Installer\62752.msi Windows Live Messenger Companion Core [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C4B69A87346AF0D4892C8A1EA666969F]C:\Windows\Installer\628e9.msi Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E08F45ADC1622A148A5545A941F4F295]C:\Windows\Installer\62692.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4314AE291D01A814191EA5403531A183]C:\Windows\Installer\628d9.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9D4227BCACD61F34F838B6E1930AF029]C:\Windows\Installer\62909.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D262DB9887B64540A5A4F5FE63C38B4]C:\Windows\Installer\628f5.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6ACDB9A3563B764CA384963D73AFB3E]C:\Windows\Installer\62724.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0FB3B06AB459FA248B8DC2D1436B31AA]C:\Windows\Installer\62905.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\766F6333940964D4896BC447E3BE5C1B]C:\Windows\Installer\62837.msi Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DFDBABC48F94DF74EBD7CEED270725A5]C:\Windows\Installer\62718.msi Windows Live Remote Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A889D6FD0AEE7724AA8B51E880E634B9]C:\Windows\Installer\62696.msi Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\15150F9C9A59B9B45B4371062E0D415A]C:\Windows\Installer\626c5.msi Windows Live Remote Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8456A20EEDF62E04E89D11D9D7E746F1]C:\Windows\Installer\6268a.msi Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3CDFBC612FC20C46ACD5A2A07F7FA55]C:\Windows\Installer\626c9.msi Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\Windows\Installer\626ff.msi Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\Windows\Installer\626fb.msi Windows Live Sync [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9DDE91DC23612004292147874EAB4032]C:\Windows\Installer\21180f.msi Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\Windows\Installer\626cd.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BD4C5EB02AE8D384DB177DBE9040C0ED]C:\Windows\Installer\628ed.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\076CFAAAB965F2A4284B2449E5D03EFE]C:\Windows\Installer\627fa.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\329710E78F6123E449FEA051B01D69EF]C:\Windows\Installer\6290d.msi Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\60EA627A3AAA1D34783E075F0113F440]C:\Windows\Installer\628dd.msi Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B144B41D477071489AE1A6376EA2681]C:\Windows\Installer\628fd.msi Windows Movie Maker 2.6 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F45FAD3B52BD6854E91F692DB41B0488]C:\Windows\Installer\1b7216.msi WinZip 17.5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\166F59DC4C5A5F446AAACEDD192C04BD]C:\Windows\Installer\19c82d3.msi Wireless Console 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\849FDF02DE8C34545A937F4FEA5FFA2A]C:\Windows\Installer\14ef9.msi ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\SiteLookup deleted successfully C:\PROGRA~2\COMMON~1\Mediafour deleted successfully C:\Program Files\Fotoservice deleted successfully C:\Program Files\log deleted successfully C:\Program Files\Pixum deleted successfully C:\Program Files\Common Files\Mediafour deleted successfully C:\Users\Tanya\AppData\Roaming\LaxiusForceIII_Saves deleted successfully C:\Users\Tanya\AppData\Roaming\Media Player Classic deleted successfully C:\Users\Tanya\AppData\Roaming\PeerNetworking deleted successfully C:\Users\Tanya\AppData\Local\Asobo Studio deleted successfully C:\Users\Tanya\AppData\Local\Buried In Time deleted successfully C:\Users\Tanya\AppData\Local\Citrix deleted successfully C:\Users\Tanya\AppData\Local\Unity deleted successfully C:\Users\Tanya\AppData\Local\WinAVI deleted successfully C:\Users\Tanya\AppData\Local\WMTools Downloaded Files deleted successfully ==== Checking Systemdrive for Symlinks ====================== De volumenaam van station C is OS Het volumenummer is 94D5-B633 Map van C:\ 14/07/2009 07:08 Documents and Settings [C:\Users] 0 bestand(en) 0 bytes Map van C:\ProgramData 14/07/2009 07:08 Application Data [C:\ProgramData] 14/07/2009 07:08 Desktop [C:\Users\Public\Desktop] 14/07/2009 07:08 Documents [C:\Users\Public\Documents] 14/07/2009 07:08 Favorites [C:\Users\Public\Favorites] 14/07/2009 07:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 07:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\ProgramData\Oracle\Java\javapath 16/02/2015 02:00 java.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe] 16/02/2015 02:00 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe] 16/02/2015 02:00 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe] 3 bestand(en) 0 bytes Map van C:\Users 14/07/2009 07:08 All Users [C:\ProgramData] 14/07/2009 07:08 Default User [C:\Users\Default] 0 bestand(en) 0 bytes Map van C:\Users\All Users 14/07/2009 07:08 Application Data [C:\ProgramData] 14/07/2009 07:08 Desktop [C:\Users\Public\Desktop] 14/07/2009 07:08 Documents [C:\Users\Public\Documents] 14/07/2009 07:08 Favorites [C:\Users\Public\Favorites] 14/07/2009 07:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 07:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\All Users\Oracle\Java\javapath 16/02/2015 02:00 java.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe] 16/02/2015 02:00 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe] 16/02/2015 02:00 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe] 3 bestand(en) 0 bytes Map van C:\Users\Default 14/07/2009 07:08 Application Data [C:\Users\Default\AppData\Roaming] 14/07/2009 07:08 Local Settings [C:\Users\Default\AppData\Local] 14/07/2009 07:08 My Documents [C:\Users\Default\Documents] 14/07/2009 07:08 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 14/07/2009 07:08 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 14/07/2009 07:08 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 14/07/2009 07:08 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 14/07/2009 07:08 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 14/07/2009 07:08 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Local 14/07/2009 07:08 Application Data [C:\Users\Default\AppData\Local] 14/07/2009 07:08 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14/07/2009 07:08 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Default\Documents 14/07/2009 07:08 My Music [C:\Users\Default\Music] 14/07/2009 07:08 My Pictures [C:\Users\Default\Pictures] 14/07/2009 07:08 My Videos [C:\Users\Default\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Public\Documents 14/07/2009 07:08 My Music [C:\Users\Public\Music] 14/07/2009 07:08 My Pictures [C:\Users\Public\Pictures] 14/07/2009 07:08 My Videos [C:\Users\Public\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Tanya 20/02/2010 17:40 Application Data [C:\Users\Tanya\AppData\Roaming] 20/02/2010 17:40 Cookies [C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Cookies] 20/02/2010 17:40 Local Settings [C:\Users\Tanya\AppData\Local] 20/02/2010 17:40 Menu Start [C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu] 20/02/2010 17:40 Mijn documenten [C:\Users\Tanya\Documents] 20/02/2010 17:40 NetHood [C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 20/02/2010 17:40 Netwerkprinteromgeving [C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 20/02/2010 17:40 Recent [C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Recent] 20/02/2010 17:40 SendTo [C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\SendTo] 20/02/2010 17:40 Sjablonen [C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Tanya\AppData\Local 20/02/2010 17:40 Application Data [C:\Users\Tanya\AppData\Local] 20/02/2010 17:40 Geschiedenis [C:\Users\Tanya\AppData\Local\Microsoft\Windows\History] 20/02/2010 17:40 Temporary Internet Files [C:\Users\Tanya\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Tanya\AppData\LocalLow 06/04/2013 20:25 PlayReady [C:\ProgramData\Microsoft\PlayReady] 0 bestand(en) 0 bytes Map van C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu 20/02/2010 17:40 Programma's [C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Tanya\Documents 20/02/2010 17:40 Mijn afbeeldingen [C:\Users\Tanya\Pictures] 20/02/2010 17:40 Mijn muziek [C:\Users\Tanya\Music] 20/02/2010 17:40 Mijn video's [C:\Users\Tanya\Videos] 0 bestand(en) 0 bytes Totaal aantal weergegeven bestanden: 6 bestand(en) 0 bytes 51 map(pen) 19.921.756.160 bytes beschikbaar ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3346191541-85200542-3152490922-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0042455-3DCD-4FF8-AB0F-FE507ABDBBBA} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) 3 Stars of Destiny Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 15 Plugin Adobe Flash Player 16 ActiveX Adobe Reader XI (11.0.11) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 12.1 Ahriman's Prophecy Alcor Micro USB Card Reader Alice Greenfingers ASUS AI Recovery ASUS AP Bank ASUS CopyProtect ASUS Data Security Manager ASUS FancyStart ASUS LifeFrame3 ASUS Live Update ASUS MultiFrame ASUS Power4Gear Hybrid ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Virtual Camera ASUS WebStorage Asus_Camera_ScreenSaver ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 Avast Free Antivirus Azada Ancient Magic Azada In Libro Collectors Edition Belgium e-ID middleware 4.0.7 (build 7466) Canon MP160 Canon Utilities Easy-PhotoPrint CCleaner Chicken Invaders 2 ControlDeck CyberLink LabelPrint CyberLink Power2Go D3DX10 Defraggler DivX Setup Dream Day Wedding Married in Manhattan Fast Boot Feedback Tool Football Manager 2013 Game Park Console Gebruikersregistratie voor Canon MP160 Google Chrome Google Update Helper Google Updater Intel(R) Graphics Media Accelerator Driver Island Wars 2 Java 8 Update 31 Java Auto Updater Junk Mail filter update K-Lite Codec Pack 10.0.5 Full Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office Live Add-in Patches Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Ultimate 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Save as PDF Add-in for 2007 Microsoft Office programs Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Mozilla Firefox 38.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) paint.net Piggly Platform ScanSoft OmniPage SE 4.0 Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition SkypeT 7.4 Smileyville Spyware Doctor 7.0 Steam Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) swMSM Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2986252) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) USB 2.0 1.3M UVC WebCam VC80CRTRedist - 8.0.50727.6195 VIA Platform Device Manager Virtual Villagers 4 The Tree of Life Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin Windows Movie Maker 2.6 WinFlash WinRAR 4.20 (64-bit) WinRAR 5.01 (32-bit) WinZip 17.5 Wireless Console 3 ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\SiteLookup not found C:\found.000 deleted C:\found.001 deleted C:\PROGRA~3\Package Cache deleted C:\windows\SysNative\tasks\RunAsStdUser Task deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4062 MB CPU Info: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz CPU Speed: 2193,5 MHz Sound Card: Speakers (VIA High Definition A | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Draadloze netwerkadapter AR9285 van Atheros | Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GSA-T50N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 116,4GB | D: 334,7GB Hard Disks - Free: C: 18,5GB | D: 160,1GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 09/12/30 | _ASUS_ - 20091204 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer Inc. K70IJ Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Spyware Doctor with AntiVirus On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Spyware Doctor disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 43.0.2357.65 Internet Explorer Version: 11.0.9600.17801 Mozilla Firefox version: 38.0.1 (x86 nl) Google Chrome version: 43.0.2357.65 Adobe Reader version: 11.0.11.18 Sun Java version: 1.8.0_31 (32-bit) Sun Java version: 1.8.0_31 (64-bit) Flash Player version: 15.0.0.239 Shockwave Player version: 12.1r150 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Tanya\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-05-17 22:59:05 858EB73F68B20A2A5C66B6C000D1C0DD 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-17 22:53:18 744AB3C1A73A57DEED49D631F1BDEA1D 2311168 ----a-w- C:\Windows\SysWOW64\wpdshext.dll 2015-05-17 22:53:13 CFCB89C0FE8EF502A7934C0D20E5DBD6 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-05-17 22:53:13 C3120D99E6DA7878A1DD2D88138AC60A 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-05-17 22:53:13 9025CA7BCD6B7956366FC90B3D6E3933 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-17 22:53:12 8C00AB01B1BC1E2F69765776BBC5A5D1 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-05-17 22:53:11 D74445161E58644309F858342F5E265C 19691008 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-05-17 22:53:11 C2EB0AA5570CF8BC881B36EE55A59337 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-05-17 22:53:11 C1A32612710492D0C3339E46EC15E333 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-05-17 22:53:11 AA2F2D55DEF98007839D0189D721D70B 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-05-17 22:53:11 7B4FA4B41FBDBB12C5038FCB6E6652AA 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-05-17 22:53:11 746BBC86351D07859D8B40056447F7B2 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-17 22:53:11 6388FC82897DDDA607BBE3580D75AE15 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-05-17 22:53:09 E993B5E929F46A52E9F4EB68A7855CDF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-05-17 22:53:09 63A2E3E9C771B1D4D7D84942D6FCB661 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-05-17 22:53:09 28313FF0DE83EAD8F5EF1B963D9078C3 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-05-17 22:53:09 136687227F11CE928CB05F4FD90319AC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-05-17 22:53:08 F2DB87F164BC13AB8EF90FBF5D866B65 664576 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-05-17 22:53:08 CC4974FCF9387F32A0FF87BCE093A5AD 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-05-17 22:53:08 C525258A00ECFB4CE089F54C163268C3 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-05-17 22:53:08 3CE5DE0730C22A54FE783DB8A989E8BD 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-05-17 22:53:08 1BBC9CFD29A62D80FB77BB69BFF7513C 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-05-17 22:53:07 BCFA71A878903B5F92A7AFEFCCC5CA97 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-05-17 22:53:07 5AAC24BF6C4A54DA526CC6244DEBE227 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-05-17 22:53:07 0E22CD36FC3292CB812CC46CBCFD8444 12828672 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-05-17 22:53:05 1C5C5B5EF9CFDFC897D4549A2385DB3A 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-17 22:53:04 CB5F450D21B9D76B7F01D006E4AEDB40 1882112 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-05-17 22:53:04 6E2B4875B968324E5844F35A37A79260 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-05-17 22:53:04 37625FC1DAF886F1980E2D8F315B93AC 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-05-17 22:53:04 07E82A31808C8BC053D1DE547082C58F 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-05-17 22:52:41 8D50ED3F0FBE3590AB0D43BF7B60E57A 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-05-17 22:52:40 0A66C88B087249742381924AB8F9EFCC 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-05-17 22:52:39 D0F574320615303ADECDCB452EBB8930 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll 2015-05-17 22:52:39 A44680B810977EA64E280523E96F2EA9 1310744 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-05-17 22:52:38 7A5824DC9A85FCE4334F57FF0795853E 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2015-05-17 22:52:38 1569F20BB9DB9FDC87A6D3C8A3726ABF 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2015-05-17 22:52:37 EB058143B57ED460AC4F2DFBA104BBFF 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe 2015-05-17 22:52:36 C6D2D384B6232B0B800234C03C50979F 82944 ----a-w- C:\Windows\SysWOW64\logman.exe 2015-05-17 22:52:36 8C45A65ED20B487085B79EEFCC08D160 92160 ----a-w- C:\Windows\SysWOW64\sechost.dll 2015-05-17 22:52:36 66D6A06936088E412E29A182679F0D71 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-05-17 22:52:36 54A01CC4BC47B31C5CD082D064AB37BC 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-05-17 22:52:35 FCB1C8345C794FE89ABA03B4CA3131BB 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-05-17 22:52:35 AFFE5747054D03F8CEE18A8518A9AA34 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-05-17 22:52:35 97B30711DC6CA0EA4EACEDCE8080A3B4 37888 ----a-w- C:\Windows\SysWOW64\relog.exe 2015-05-17 22:52:35 850F756363237A2EB069B9B25EF8BEC3 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-05-17 22:52:35 7F99900705E249E9D5C55E490B7D076E 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2015-05-17 22:52:35 74C0EC1257698176E288DA282F318E1C 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe 2015-05-17 22:52:35 0B6E937863837BA3383E9CE9200DDF1E 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-05-17 22:52:34 F286528898342F0F1EB402606750C391 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe 2015-05-17 22:52:34 D9E25B4BD2120CC5183CCCE9421C7AFE 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2015-05-17 22:52:34 ABA025664F9F42C568B2C022AADCB18F 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-05-17 22:52:34 99A508910BB06DFBE99D9AF7D6B4E950 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-05-17 22:52:34 79AF005633B7E41B7A194A7E7B9D3D93 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-05-17 22:52:34 3346701038E55BD366F3D5CE31F55483 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2015-05-17 22:52:33 741DB93796E7D4F3F804C13537FB40F4 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-05-17 22:52:33 6BB13D5E12C5C4D829C1D640DF269EA0 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2015-05-17 22:52:30 F43CB86F9536B17E5C7CFCFB48ACBE54 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-05-17 22:52:29 D9716B488CC27652C12B1B5E0944987E 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2015-05-17 22:52:29 D079A408CC3E22A09D1260A6F18FC0FD 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-05-17 22:52:29 9638DA21E965E23C85C4319F3F66D824 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-05-17 22:52:29 86B2AC15999BB4F8B5C84AB6154A1783 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-05-17 22:52:28 BF9BB4113E9FCDABD4C703DDD06293F3 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-05-17 22:51:19 D0CA74BE380498A0111A73EB9C76CF8F 342016 ----a-w- C:\Windows\SysWOW64\certcli.dll 2015-05-17 22:51:19 2665A3D34D1C62DF303723422215B001 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-05-17 22:50:14 418AEC0CE89A13200F2820079B9CDFD9 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll 2015-05-17 22:50:07 C489D8B4D8C64F20CC75A93F541F7D91 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2015-05-17 22:50:04 C22AB1781BC6F0BB1C9B352CF66DBFFC 1250816 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2015-05-17 22:47:24 D3E8C7FADB758E5D222C639CC65790AD 295936 ----a-w- C:\Windows\SysWOW64\apphelp.dll 2015-05-17 22:47:23 DCA2C6E7990771209CDD8E9DA90ED0E2 5120 ----a-w- C:\Windows\SysWOW64\shimeng.dll 2015-05-17 22:47:23 715C060150D969B0DE5DD5B365A712AF 20992 ----a-w- C:\Windows\SysWOW64\sdbinst.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-05-17 22:59:06 189FB45D7442083AE8A2E4E612233EF7 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2015-05-17 22:53:18 E5404072A5A9E0B452ADDF1D1339176C 2543104 ----a-w- C:\Windows\Sysnative\wpdshext.dll 2015-05-17 22:53:13 E802824B9B4A16355A5233A7B8215ECE 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-05-17 22:53:13 9DCD15027A13195ABA68B40A5EB26691 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-05-17 22:53:12 70EDB996FE1BCB699232A15CB0D0FA32 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-05-17 22:53:11 6D2787CD32595A91969502A399E7BA48 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-05-17 22:53:11 5EDC6AF7589B65C89CB1154B3377D0C4 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-05-17 22:53:11 1122DD841CCB7E07EF41039CBD66A29E 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-05-17 22:53:09 D7B9EEF960F68DC18724BB5F89A464DD 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-05-17 22:53:08 ED4EB5A0CDD251A17B946C515CB94D70 1547264 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-05-17 22:53:08 2A2CDE78F9E9019AD0E4D804A02688A3 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-05-17 22:53:08 010F562B961AB8CAEC7A0C72F8FDD690 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-05-17 22:53:07 EB9FCD39D65E23380CB2C2F0E6F2ED53 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-05-17 22:53:07 E20B5098C8707B2CF0858024568234FF 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-05-17 22:53:06 F28577138120BA7E5423820D4B4C4727 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-05-17 22:53:06 49B1935F131A44CD29857D6900CB643F 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-05-17 22:53:05 F918BE3C5ACA0B6485D725CC1A5348DC 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-05-17 22:53:05 B85ECB91C88F6E74045061B7F7DDEFA2 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-05-17 22:53:05 843D063E75B19188759CBEC82828BCB1 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-05-17 22:53:04 29BBA65402DD568F49C837533F269482 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-05-17 22:53:04 0B4E78E6E65D1FD2CE55C93CF1EFD623 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-05-17 22:53:03 E061B5A1D0F9BBACA41149201ADF4A3B 14401536 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-05-17 22:53:03 CA0369799519F33DDE8FD26F5D87D014 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-05-17 22:53:03 1D610F215769E4FF56C7B1847DE4B86D 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-05-17 22:53:02 1921A72BF1273BED72E569EF1F1A0611 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-05-17 22:53:01 FFC30231459FC44FD73E07532C707791 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-05-17 22:53:01 DC1200D3C3AC1E69A4DAD053BC26BF0D 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-05-17 22:53:01 79A4C71CD8B610DE9F66B72B5654C450 6025728 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-05-17 22:53:01 63061A0826839DE8F5B4713976C99F1B 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-05-17 22:53:00 F0289B3A341429117696F0279DA977B6 2352128 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-05-17 22:53:00 C1D6BD834E69E8F77C8B4DDFCEE073F6 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-05-17 22:52:59 F2A1718334172C0F4E231E998F6CB8AB 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-05-17 22:52:59 5A18ACE782C215300BE1C82D9EDC565B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-05-17 22:52:58 C31D57F7A58FACDA2671075CEBA75199 24971776 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-05-17 22:52:44 EA8A3E8C674B03CB4AFA1D344DBD7BC1 1254400 ----a-w- C:\Windows\Sysnative\diagtrack.dll 2015-05-17 22:52:44 D449C36379EBEFD3CCDAEC328002BB5B 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll 2015-05-17 22:52:43 A985325F4FE72FB003749A2FBBA9952E 5569984 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-05-17 22:52:43 8453010B6512DAEAFC61CC0836FA137E 1728960 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-05-17 22:52:40 10D39E74B0D5011A8C199B9646579C3F 879104 ----a-w- C:\Windows\Sysnative\tdh.dll 2015-05-17 22:52:39 B01B21E15671ACD3F0AD131DC4CABFC7 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll 2015-05-17 22:52:39 1C9F2F4A2C603739BD8CC8C64310AFD7 1162752 ----a-w- C:\Windows\Sysnative\kernel32.dll 2015-05-17 22:52:38 FDF1E0FD74DED0034BA6FFB665E0641E 424448 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2015-05-17 22:52:38 DA8B541825991F6699790E617FF0FF60 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-05-17 22:52:38 A0BCD6A64281492EFAE02AC144A335F1 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2015-05-17 22:52:38 408A8232E84515E4AA819E0C95E65257 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-05-17 22:52:37 EE27E1D639E3807229C15AF94320CF0A 404992 ----a-w- C:\Windows\Sysnative\tracerpt.exe 2015-05-17 22:52:37 D17DD01601460F5899E5C154B3FD0BFA 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll 2015-05-17 22:52:37 9C5DBA74D0C641C2A4ABDC79969B7BEF 104448 ----a-w- C:\Windows\Sysnative\logman.exe 2015-05-17 22:52:37 52146DBFE253B83FAB1980AA704C7974 113664 ----a-w- C:\Windows\Sysnative\sechost.dll 2015-05-17 22:52:37 0CD609B1143961F5C3BA691729A6A5DA 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-05-17 22:52:36 E55A72876BC5E244D0A8F7F07862A939 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2015-05-17 22:52:36 CCAB9BE9C9100C5F54A5A8F355730841 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-05-17 22:52:36 52935C072F8D5A92508AA3A3CC9133C7 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-05-17 22:52:35 FE60A67032A5C94F6ACE483C8FE84105 47104 ----a-w- C:\Windows\Sysnative\typeperf.exe 2015-05-17 22:52:35 DA5EF2CC0764BE7097BAFA9CAF903FE8 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-05-17 22:52:35 CD3770C78AFFC223A3B9D38F27B7A309 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-05-17 22:52:35 ACE24D86D2714FCC1639F890DF54951B 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-05-17 22:52:35 A3DCC3D8BB57E31EA07949313CC3A3CF 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-05-17 22:52:35 9262D6E2C239EDD6D87B080F2BCCEC9F 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-05-17 22:52:35 79F036EB691ABBA84E8EB1715E5F2B17 43008 ----a-w- C:\Windows\Sysnative\relog.exe 2015-05-17 22:52:35 4DD0098FFAB4664DB979537C48AE055F 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-05-17 22:52:35 40C5EA47D4AEC96249B09BF0C076A60C 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-05-17 22:52:35 2292CD8500725B94B7D2E3C0C84F2D19 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-05-17 22:52:34 E1B0C7042BA7B8903D60DF3885F2DFE7 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2015-05-17 22:52:34 D2602AC48B38FA10956E32D18E7143B0 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2015-05-17 22:52:34 BB7BAF9532DBA5AB4009E981687D1EA6 19456 ----a-w- C:\Windows\Sysnative\diskperf.exe 2015-05-17 22:52:34 ADC2D7B5BFF277E5A9FACE6A21A24ABC 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-05-17 22:52:34 8C711AF30BE3991050D0D011D92CFBE0 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-05-17 22:52:34 50EBA6640805F6D5EF4A0DCEF2D180AB 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-05-17 22:52:34 0D9BDBE780DD81757AC5AF87E8B1EBEC 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-05-17 22:52:33 D205305FB0E352A9D4CF922D6A016BF4 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2015-05-17 22:52:29 AF278DB00C43E925E58C8CA2C0CF4C71 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-05-17 22:52:29 90293AAC2AB0908BFF98ADB89CEBC931 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-05-17 22:52:29 7A448B8CED7F7348C36159D5CC8E19ED 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-05-17 22:52:28 90DC7B112F946B412C9CDC6F459F4053 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-05-17 22:51:19 ED4B980701D081AC42F7B121C1E42149 460800 ----a-w- C:\Windows\Sysnative\certcli.dll 2015-05-17 22:51:19 8AD8D17425C75D2621B2CDFE0DEABD21 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-05-17 22:50:20 71C85477DF9347FE8E7BC55768473FCA 328704 ----a-w- C:\Windows\Sysnative\services.exe 2015-05-17 22:50:14 2B36E0C5C262437E1B098344DEFA55F8 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll 2015-05-17 22:50:13 6B0F962B1EE486FFE7BCABBC9C736976 24576 ----a-w- C:\Windows\Sysnative\jnwmon.dll 2015-05-17 22:50:07 C7E50B04623FC6FF54EAF88938A8936E 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe 2015-05-17 22:50:06 E612E86FA15EA1EF9A52433A2743C447 1179136 ----a-w- C:\Windows\Sysnative\FntCache.dll 2015-05-17 22:50:05 D858C33B133740D5F1F1CF71C33F6355 3204608 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-05-17 22:50:05 490505F6E53EF046EC70A353BC9CD615 1647104 ----a-w- C:\Windows\Sysnative\DWrite.dll 2015-05-17 22:47:23 F55F287810AAF708618793764AF7D1BB 23552 ----a-w- C:\Windows\Sysnative\sdbinst.exe 2015-05-17 22:47:23 83BFCCAC53795E8A5055A93672D0C46C 72192 ----a-w- C:\Windows\Sysnative\aelupsvc.dll 2015-05-17 22:47:23 7E21D3072EB20D5400919D435D549A9B 6656 ----a-w- C:\Windows\Sysnative\shimeng.dll 2015-05-17 22:47:23 31D260ADAF1CCFEFC49DB9FBCE9986DA 342016 ----a-w- C:\Windows\Sysnative\apphelp.dll ====== C:\Windows\Sysnative\drivers ===== 2015-05-17 22:52:37 F7DFAE6040AC910B7C64EE208A34157D 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-05-17 22:52:37 8FE94F2EF9BF444E93E35D87E210D02F 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2015-05-19 22:51:55 C29A88096C22F978905D694AA9ECDB9B 3106 ----a-w- C:\Windows\Sysnative\Tasks\P4G Sidebar ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Tanya\AppData\Roaming ====== 2015-05-22 21:00:44 -------- d-----w- C:\Users\Tanya\AppData\Local\HEMA fotoalbum be-nl ====== C:\Users\Tanya ====== 2015-05-25 14:06:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tanya\Downloads\RSITx64 (2).exe 2015-05-25 14:01:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tanya\Downloads\RSITx64 (1).exe 2015-05-25 13:58:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tanya\Downloads\RSITx64.exe 2015-05-22 21:00:37 289D683C7AB3035789FD5C1120B03D9D 1558568 ----a-w- C:\Users\Tanya\Downloads\setup_Kruidvat_fotoservice.exe 2015-05-22 20:55:00 10BED9E0C1A3D79CAC52D9C1DC1557F6 6967152 ----a-w- C:\Users\Tanya\Downloads\Hema_BE_NL.exe 2015-05-22 20:44:09 401537DF4ADCCF2A02D3D3309AF5F014 1626584 ----a-w- C:\Users\Tanya\Downloads\setup_Pixum_Fotoboek.exe 2015-05-19 22:21:37 FEC2F27B4177267AE6CD92D71A42FCC1 45874680 ----a-w- C:\Users\Tanya\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853.exe ====== C: exe-files == 2015-05-25 14:06:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tanya\Downloads\RSITx64 (2).exe 2015-05-25 14:01:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tanya\Downloads\RSITx64 (1).exe 2015-05-25 13:58:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tanya\Downloads\RSITx64.exe 2015-05-23 10:09:09 AADED8A9C6F62D31C149226C9F02D6EF 42077776 ----a-w- C:\Program Files (x86)\Google\Update\Install\{8A3DC2CA-B722-4F82-AEE8-3A497F7F80BC}\43.0.2357.65_chrome_installer.exe 2015-05-23 10:09:08 AADED8A9C6F62D31C149226C9F02D6EF 42077776 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.65\43.0.2357.65_chrome_installer.exe 2015-05-22 21:00:37 289D683C7AB3035789FD5C1120B03D9D 1558568 ----a-w- C:\Users\Tanya\Downloads\setup_Kruidvat_fotoservice.exe 2015-05-22 20:55:00 10BED9E0C1A3D79CAC52D9C1DC1557F6 6967152 ----a-w- C:\Users\Tanya\Downloads\Hema_BE_NL.exe 2015-05-22 20:44:09 401537DF4ADCCF2A02D3D3309AF5F014 1626584 ----a-w- C:\Users\Tanya\Downloads\setup_Pixum_Fotoboek.exe 2015-05-22 19:48:25 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Install\{B8EBF3C3-729F-4F4B-9406-9D03C892487A}\43.0.2357.65_42.0.2311.152_chrome_updater.exe 2015-05-22 19:48:24 CCAF0DCB4BEF3FCD615E15B46B22F349 6714960 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.65\43.0.2357.65_42.0.2311.152_chrome_updater.exe 2015-05-21 19:45:13 E61C378A29979BD8840EEFAC0F36C231 406528 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe 2015-05-21 19:45:13 B94C770978AD994F419D92FE24FD3F0F 360240 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe 2015-05-21 19:45:13 A9B579DCC2BCAB35AAD2B88F0C22ACF2 476160 ----a-w- C:\Windows\System32\GWX\GWX.exe 2015-05-21 19:45:13 4F7DF2B33A4691E08B2B96FC98A4388F 401408 ----a-w- C:\Windows\System32\GWX\GWXUX.exe 2015-05-21 19:45:13 39553E30D5CE09168F1E82A2FA563FDF 667136 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe 2015-05-19 22:42:00 EB81815F1628247337DCF5C44A137366 869192 ----a-w- C:\Users\Tanya\AppData\Local\Google\Chrome\User Data\SwReporter\3.20.1\software_reporter_tool.exe 2015-05-19 22:21:37 FEC2F27B4177267AE6CD92D71A42FCC1 45874680 ----a-w- C:\Users\Tanya\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853.exe 2015-05-19 21:33:50 0894890F30B5F6510DF953BC50B5504F 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe 2015-05-19 21:33:49 F6EEE6848E933962E12E7B3F25C73C88 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe 2015-05-19 21:33:49 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe 2015-05-19 21:33:49 6732C4A894855042FD3618406B6BBD48 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe 2015-05-19 21:33:37 BB3045B399D898061B926B447C446E05 127816 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe 2015-05-19 21:33:37 8715A0D10CFFC8DEE923957F07DAA042 244040 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe 2015-05-19 21:33:37 6509A96DAE25340772B51AC020CB1094 304968 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe 2015-05-19 21:32:20 0C03FB91E17987EED93F60007B08DAA0 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe 2015-05-19 21:32:16 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{062D1CB1-AB79-4E5D-9AC8-45B0D6130046}\GoogleUpdateSetup.exe 2015-05-19 21:32:15 C990A8EAD57DA59FA8156CC02D3B7DA5 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe === C: other files == 2015-05-20 19:02:37 0D0A6C5EB18C696AB3B340D4FECB3ABB 38844 ----a-w- C:\Users\Tanya\Downloads\Ondertitel.com-367-The-Avengers-(2012)-DVDRip-XviD-MAXSPEED.zip 2015-05-19 22:23:13 2DD63DBA58D76D3B500EEC1EF77B97EC 43392 -c--a-w- C:\drivers\apg8201z.sys 2015-05-19 22:23:13 0F39961D10D4DE80C95BE441E42D9C23 50688 -c--a-w- C:\drivers\apg8201zx64.sys ======== System Restore Points ======== RP856: 25/05/2015 23:47:53 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "20150107"="C:\Program Files\Alwil Software\Avast5\setup\emupdate\aa068919-1a64-4dd6-a4e7-6afab5258ecb.exe /check" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EeeStorageBackup"="C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Creative Cloud" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray] "command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe" "hkey"="HKLM" "item"="ADSMTray" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AmIcoSinglun64" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Camera ScreenSaver] "command"="C:\\Windows\\AsScrProlog.exe" "hkey"="HKLM" "item"="ASUS Camera ScreenSaver" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="beid" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EzPrint] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EzPrint" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Lexmark 2400 Series\\ezprint.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HotKeysCmds" "hkey"="HKLM" "command"="C:\\Windows\\system32\\hkcmd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IgfxTray" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxtray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LXCRCATS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LXCRCATS" "hkey"="HKLM" "command"="rundll32 C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\LXCRtime.dll,RunDLLEntry" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\lxcrmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="lxcrmon.exe" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Lexmark 2400 Series\\lxcrmon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes' Anti-Malware] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Malwarebytes' Anti-Malware" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\micoach] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="micoach" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\adidas\\miCoach Manager\\miCoachManager.exe\" /autostart " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OpwareSE4] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OpwareSE4" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\ScanSoft\\OmniPageSE4.0\\OpwareSE4.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\P2Go_Menu] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\"" "hkey"="HKLM" "item"="P2Go_Menu" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Persistence" "hkey"="HKLM" "command"="C:\\Windows\\system32\\igfxpers.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateLBPShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Tanya^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk] "item"="OneNote 2007 Schermopname en Snel starten" "path"="C:\\Users\\Tanya\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OneNote 2007 Schermopname en Snel starten.lnk" "backup"="C:\\Windows\\pss\\OneNote 2007 Schermopname en Snel starten.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\MICROS~1\\Office12\\ONENOTEM.EXE" ==== Startup Folders ====================== 2010-01-21 23:39:08 2617 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/01/2015 01:37] C:\Windows\tasks\Google Software Updater.job --a------ C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [06/10/2011 22:19] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/07/2014 17:33] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/07/2014 17:33] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASPG" [C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Google Software Updater" [C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\P4G Sidebar" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3346191541-85200542-3152490922-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3346191541-85200542-3152490922-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\{1FFE4CC3-F475-4824-B4CF-FFB73682EFD4}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\{5D24ED1C-3588-4E6E-83EC-7780B2145142}" [E:\Install\Setup.exe] "C:\Windows\SysNative\tasks\{B5631D75-FB13-4B2D-992D-060A4C3A3B1E}" [E:\Install\Setup.exe] "C:\Windows\SysNative\tasks\{BF2AE53E-35FD-47D1-A48F-DAC17880927A}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe] "C:\Windows\SysNative\tasks\{F291AACD-C831-49F6-8765-28AAF1625F6D}" [E:\Install\Setup.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [22/04/2015 16:29] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Undetermined - %AppDir%\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Tanya\AppData\Roaming\Mozilla\Firefox\Profiles\87yl2w52.default-1404823525968 0E8B2D0D9E3415A91EF259CE1112C579 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll - Shockwave for Director / Shockwave for Director 8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.65 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswwebrepchrome-sp.crx[04/08/2014 17:07] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[22/04/2015 16:28] Avast SafePrice - Tanya\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Bookmark Manager - Tanya\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Avast Online Security - Tanya\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - Tanya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\Tanya\AppData\Local\Google\Chrome\User Data\Default\Preferences google.com/","https://www.google.com/","https://www.googleapis.com/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.1.1.0"},"path":"nmmhkkegccagdldgiimedpiccmgmieda\\0.1.1.0_0","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"pafkbggdmjlpgkdkcbjmhmfcdpncadgh":{"active_permissions":{"api":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","pushMessaging.onMessage","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13053230806825027","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","\u003Call_urls>"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\36.0.1985.143\\resources\\google_now","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"11C94CBF9205365337CBA75B1EA3F9861B4B96495C35DDFAF06AB96A856A9663"},"default_search_provider":{"keyword":"97FA0A6499B0D639F9420553732EAC8503C501878FCD1185CB86AAC1796390B8","name":"815D69E6A35E490BA35E454C24C4A8886F1F4F0B042DE0CC479D70A0DF09BE5C","search_url":"DA582A543AC5870DD31854305DF56A9E8FE22D4D5A601B5C0062F742A863B48E"},"default_search_provider_data":{"template_url_data":"182E8558BE09E0E60B62BD917414C51FAEBAAC1A3FEC261163979F5918F1CA96"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"01A59591C3497FC131803E45EB87D486376C24015B451F1D09CCE75609EDA3EE","bepbmhgboaologfdajaanbcjmnhjmhfn":"D2239F4F40B3D26E37F7DD3FB3CDD5A032CF5BFCD5808C3BCE57D8D91272E008","eemcgdkfndhakfknompkggombfjjjeno":"AADF8E6BAA6447BE4799D52BDF61F5AD0419A272CBA6F4826DE5C4BF39842B55","ennkphjdgehloodpbhlhldgbnhmacadg":"30B29D21382F473812775AEF55404191CA9CBF70BDC57042E143B95A4354BAC7","eofcbnmajmjmplflapaojjnihcjkigck":"73ECF6298379A8924477704127A067E4631AC165C8E140954D8834A9C1A3D5B5","gfdkimpbcpahaombhbimeihdjnejgicl":"AAD31C176EAD19A5A5A557CF9D57CEC6B090F9ED476F2A5C5CD7C37197024C56","gmlllbghnfkpflemihljekbapjopfjik":"B14C44A3468C1AF4E38FD51C318D135F49618724951BD8157A0C847398EA0D15","gomekmidlodglbbmalcneegieacbdmki":"6F993FD04100560D3934375D740BBB8C0E44C9D484016150234F3C0362CFBABE","kmendfapggjehodndflmmgagdbamhnfd":"175C6A04C329BCFEA0461F26CD0EB82D1BBF92ED0C1E961F16AA3EB4B470CDD8","mfehgcgbbipciphmccgaenjidiccnmng":"AF5683A3C43BBB8C953866CAF40B6A81FB6B1F804DE31F0B2FC1FA580ABE3A29","mgndgikekgjfcpckkfioiadnlibdjbkf":"BDBAAEF6023A60FF406A46F1B59C9A9EB2D6333594298CF32407923F0DBFE84F","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A0D62FE0E44627AF7A2E1E2BBE1D5E710A2B4B015DD14540FED830EA668B2429","neajdppkdcdipfabeoofebfddakdcjhd":"5DD4049D7F3A6DB1C195B5B3C6C6EAB174979CC461888B3CC4AD4E9A94B9181A","nkeimhogjdpnpccoofpliimaahmaaome":"DDCF981CCA4E7B71B2704379714C2DA51C77B7904F2457E5B734A2F18C03B604","nmmhkkegccagdldgiimedpiccmgmieda":"EDC77049E2F193D0B416D6B6E2E5DF7DBCA0B6BB08124BF2176EC59EE5BAAAEB","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"628C3DCAC1E167E22FB42E858B470B5D04C55CB04E0E7DAEC14B88BFEB82A49D"}},"google":{"services":{"last_username":"26BF538712D188999687E7A5AA30CFF9DDCB4F2EDAFD70E08E37C1B3D49880C3","username":"D729A3460DD32587D47B7F291F34A64EBB6E274D39DDBA58986AE72757E80CBE"}},"homepage":"E96CAB00ABDEAF8BE78A579E5DAC917597C5E93FBA2F58A0DB9F0205340DB42C","homepage_is_newtabpage":"A029E3E18B5496DFA96FC37E67B885CE65AD47658C2418CBEA6D2960E32146F9","pinned_tabs":"AEA33567814CA028405808EC4C90EB36B126B164CB0E3487B1E3873A824839C2","prefs":{"preference_reset_time":"101AA283B98DE620A452DB7A6CBAC50320F4B74AA73114EE4663C0C50A8AF910"},"profile":{"reset_prompt_memento":"0E592DD36D2097DFDC8D744D7AF02A620C4C3474FB3818EF364F04F178AC6D1D"},"safebrowsing":{"incidents_sent":"426423921458DB0CE5DCE665EE26C6B10B2682B4C86CE8DC3F1B1639021A36F6"},"search_provider_overrides":"DFE7D22565D1AD68156CD0DB13B28066B4C0B6808EC3544AEA3708DEF1C7394A","session":{"restore_on_startup":"1B15C01A2C9CFF63FF696F93ED70756D1414B8F383A3D8B02FBFCFAEDA7B799D","startup_urls":"A608E47BD5355B60477D064EEE4D40235DAB2A8BC0CEEC175BE96D632BB019D4"},"software_reporter":{"prompt_reason":"3844ACAA52BA2C1B8C0EAD43C353CFC4376B43B378D68A167FB64F7712100CD6","prompt_seed":"0316B10292DBB59F9494BE55F2A70B34261F656BA16E9731736F80F27DED5F10","prompt_version":"3D968543F623CCB1BCCCA54634D8A2F707A5EB4BB3648141AA0D42CAA465888E"},"sync":{"remaining_rollback_tries":"C3EDECF00299D89E2097B6D40FF510A2CBE3CD6F356F2D94C34E76FA16F317D4"}},"super_mac":"9709C95B0E235A91E49E539D7F140169FB76C94E4B434A1AE0399B8949EDA994"},"sync":{"remaining_rollback_tries":0}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hln.be/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Reset Google Chrome ====================== C:\Users\Tanya\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Tanya\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Tanya\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Tanya\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Tanya\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Tanya\Desktop\CLB\Computer - Snelkoppeling.lnk - C:\Users\Tanya\Desktop\Clean up\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe C:\Users\Tanya\Desktop\Clean up\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler64.exe C:\Users\Tanya\Desktop\Clean up\Spyware Doctor.lnk - C:\Program Files (x86)\Spyware Doctor\pctsGui.exe C:\Users\Tanya\Desktop\Spelletjes\3 Stars of Destiny.lnk - D:\Spelletjes\3 Stars of Destiny\3Stars.exe C:\Users\Tanya\Desktop\Spelletjes\Aveyond 0 - Ahriman's Prophecy.lnk - D:\Spelletjes\Ahriman's Prophecy\RPG_RT.exe C:\Users\Tanya\Desktop\Spelletjes\Aveyond 1 - Rhen's quest.lnk - D:\Spelletjes\Aveyond 1 - Rhen's quest\Aveyond.exe C:\Users\Tanya\Desktop\Spelletjes\Aveyond 2 - Ean's quest.lnk - D:\Spelletjes\Aveyond 2 - Ean's Quest\Aveyond2.exe C:\Users\Tanya\Desktop\Spelletjes\Aveyond 3a - Lord of Twilight.lnk - D:\Spelletjes\Aveyond 3 - Lord of Twighlight\Aveyond - Lord of Twilight.exe C:\Users\Tanya\Desktop\Spelletjes\Aveyond 3b - Gates of Night.lnk - D:\Spelletjes\Aveyond 4 - Gates of Night\Aveyond - Gates of Night.exe C:\Users\Tanya\Desktop\Spelletjes\Aveyond 3c - The Lost Orb.lnk - D:\Spelletjes\Aveyond 5 - The Lost Orb\Aveyond - The Lost Orb.exe C:\Users\Tanya\Desktop\Spelletjes\Aveyond 3d - The Darkthrop Prophecy.lnk - D:\Spelletjes\Aveyond 6 - The Darkthrop Prophecy\Aveyond - The Darkthrop Prophecy.exe C:\Users\Tanya\Desktop\Spelletjes\Azada 1.lnk - D:\Spelletjes\Azada\Azada.exe C:\Users\Tanya\Desktop\Spelletjes\Azada 2 - Ancient Magic.lnk - D:\Spelletjes\Azada Ancient Magic\AzadaAncientMagic.exe C:\Users\Tanya\Desktop\Spelletjes\Azada In Libro Collectors Edition.lnk - D:\Spelletjes\Azada 3\Azada_In_Libro.exe C:\Users\Tanya\Desktop\Spelletjes\Cooking Academy 1.lnk - D:\Spelletjes\Cooking Academy\CookingAcademy.exe C:\Users\Tanya\Desktop\Spelletjes\Cooking Academy 2.lnk - D:\Spelletjes\Cooking Academy 2 World Cuisine\CookingAcademy2.exe C:\Users\Tanya\Desktop\Spelletjes\Fabulous Finds.lnk - D:\Spelletjes\Fabulous Finds\Fabulous Finds.exe C:\Users\Tanya\Desktop\Spelletjes\Feeding Frenzy 1.lnk - D:\Spelletjes\Feeding Frenzy 1\FeedingFrenzy.exe C:\Users\Tanya\Desktop\Spelletjes\Feeding Frenzy 2.lnk - D:\Spelletjes\Feeding Frenzy 2\FeedingFrenzyTwo.exe C:\Users\Tanya\Desktop\Spelletjes\Home Sweet Home 1.lnk - D:\Spelletjes\Home Sweet Home\HomeSweetHome_EN.exe C:\Users\Tanya\Desktop\Spelletjes\Home Sweet Home 2.lnk - D:\Spelletjes\Home Sweet Home 2 Kitchens And Baths\Home Sweet Home 2.exe C:\Users\Tanya\Desktop\Spelletjes\Insaniquarium.lnk - D:\Spelletjes\Insaniquarium\Insaniquarium.exe C:\Users\Tanya\Desktop\Spelletjes\Jojos Fashion Show 1.lnk - D:\Spelletjes\Jojos Fashion Show\JojosFashionShow.exe C:\Users\Tanya\Desktop\Spelletjes\Jojos Fashion Show 2.lnk - D:\Spelletjes\Jojos Fashion Show 2\JojosFashionShow2.exe C:\Users\Tanya\Desktop\Spelletjes\Jojoss Fashion Show 3.lnk - D:\Spelletjes\Jojos Fashion Show World Tour\Jojos3.exe C:\Users\Tanya\Desktop\Spelletjes\Magic Academy 2.lnk - D:\Spelletjes\Magic Academy 2\MagicAcademy2.exe C:\Users\Tanya\Desktop\Spelletjes\Princess Isabella.lnk - D:\Spelletjes\Princess Isabella\Princess.exe C:\Users\Tanya\Desktop\Spelletjes\Saints and Sinners Bowling.lnk - D:\Spelletjes\Saints & Sinners Bowling\Bowlmore.exe C:\Users\Tanya\Desktop\Spelletjes\Strange Cases.lnk - D:\Spelletjes\Strange Cases The Tarot Card Mystery\StrangeCases.exe C:\Users\Tanya\Desktop\Spelletjes\Top Chef.lnk - D:\Spelletjes\Top Chef\TopChef.exe C:\Users\Tanya\Desktop\Spelletjes\Virtual Villagers 2 - The Secret City.lnk - D:\Spelletjes\Virtual Villagers 3\Virtual Villagers - The Secret City.exe C:\Users\Tanya\Desktop\Spelletjes\Virtual Villagers 3 - The Lost Children.lnk - D:\Spelletjes\Virtual Villagers 2\Virtual Villagers - The Lost Children.exe C:\Users\Tanya\Desktop\Spelletjes\Virtual Villagers 4 The Tree of Life.lnk - D:\Spelletjes\Virtual Villagers 4 The Tree of Life\Virtual Villagers - The Tree of Life.exe C:\Users\Tanya\Desktop\Spelletjes\Wonderland 1.lnk - D:\Spelletjes\Wonderland Adventures\Options.exe C:\Users\Tanya\Desktop\Spelletjes\Wonderland 2.lnk - D:\Spelletjes\Wonderland Adventures Mysteries of Fire Island\Wonderland.exe C:\Users\Tanya\Desktop\Spelletjes\Wonderland 3.lnk - D:\Spelletjes\Wonderland Secret Worlds\Wonderland.exe C:\Users\Tanya\Desktop\Spelletjes\Wonderland.lnk - D:\Spelletjes\Wonderland\Wonderland.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\Alwil Software\Avast5\avastui.exe C:\Users\Public\Desktop\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Paint.NET.lnk - C:\Program Files (x86)\Paint.NET\PaintDotNet.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\Utilities\MS Office 2010 XAdES XL signature configuration.lnk - C:\Program Files (x86)\Belgium Identity Card\beidoffice2010_XAdES_XL.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\Utilities\MS Outlook registry configuration.lnk - C:\Program Files (x86)\Belgium Identity Card\beidoutlooksnc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk - C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.NET.lnk - C:\Program Files (x86)\Paint.NET\PaintDotNet.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{91120000-002E-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Tanya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 ==== Uninstall List x64 ====================== 3 Stars of Destiny [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\3 Stars of Destiny_is1] Activation Assistant for the 2007 Microsoft Office suites [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}] Activation Assistant for the 2007 Microsoft Office suites [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Activation Assistant for the 2007 Microsoft Office suites] Adobe Flash Player 15 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin] Adobe Flash Player 16 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Reader XI (11.0.11) - Nederlands [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AB0000000001}] Adobe Refresh Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001802114130}] Adobe Shockwave Player 12.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player] Ahriman's Prophecy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ahriman's Prophecy] Alcor Micro USB Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}] Alcor Micro USB Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}] Alice Greenfingers [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}] ASUS AI Recovery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}] ASUS AP Bank [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASUS AP Bank_is1] ASUS CopyProtect [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}] ASUS Data Security Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FA2092C5-7979-412D-A962-6485274AE1EE}] ASUS FancyStart [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60D6618B-153F-4353-8185-908E676E5888}] ASUS LifeFrame3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}] ASUS Live Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}] ASUS MultiFrame [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D48531D-2135-49FC-BC29-ACCDA5396A76}] ASUS Power4Gear Hybrid [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}] ASUS SmartLogon [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64452561-169F-4A36-A2FF-B5E118EC65F5}] ASUS Splendid Video Enhancement Technology [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}] ASUS Virtual Camera [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}] ASUS WebStorage [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage] Asus_Camera_ScreenSaver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Asus_Camera_ScreenSaver] ATK Generic Function Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}] ATK Hotkey [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7C05592D-424B-46CB-B505-E0013E8E75C9}] ATK Media [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}] ATKOSD2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}] Avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\avast] Azada Ancient Magic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Azada Ancient Magic_is1] Azada In Libro Collectors Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Azada In Libro Collectors Edition1.0] Belgium e-ID middleware 4.0.7 (build 7466) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824563DE-75AD-4166-9DC0-B6482F207466}] Canon MP160 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160] Canon Utilities Easy-PhotoPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Easy-PhotoPrint] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] Chicken Invaders 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}] ControlDeck [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5B65EF64-1DFA-414A-8C94-7BB726158E21}] CyberLink LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] CyberLink LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] CyberLink Power2Go [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}] CyberLink Power2Go [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}] D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}] Defraggler [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Defraggler] DivX Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DivX Setup] Dream Day Wedding Married in Manhattan [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}] Fast Boot [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13F4A7F3-EABC-4261-AF6B-1317777F0755}] Feedback Tool [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13A5E785-5197-4EAD-8EE3-D660271E49BC}] Football Manager 2013 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 207890] Game Park Console [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1] Gebruikersregistratie voor Canon MP160 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Gebruikersregistratie voor Canon MP160] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Google Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Updater] Intel(R) Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HDMI] Island Wars 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}] Java 8 Update 31 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218031F0}] Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}] K-Lite Codec Pack 10.0.5 Full [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}] Messenger Companion [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8142D25E-028A-4563-86ED-5755783C8029}] Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}] Microsoft .NET Framework 4.5.2 (Nederlands) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043] Microsoft .NET Framework 4.5.2 (NLD) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AD1F4FA8-65AF-3EAC-A27A-BB08E2686BE2}] Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26784146-6E05-3FF9-9335-786C7C0FB5BE}] Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033] Microsoft Office Live Add-in 1.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}] Microsoft Office Live Add-in Patches [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DCD7A9A-8B0B-4184-A5D7-C4BDAA31C750}] Microsoft Office Ultimate 2007 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ULTIMATER] Microsoft Search Enhancement Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}] Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}] Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}] Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37B8F9C7-03FB-3253-8781-2517C99D7C00}] Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}] Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9}] Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}] Mozilla Firefox 38.0.1 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 38.0.1 (x86 nl)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}] MSVCRT_amd64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}] MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}] MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}] paint.net [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}] Piggly [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}] Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20D4A895-748C-4D88-871C-FDB1695B0169}] ScanSoft OmniPage SE 4.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}] Security Update for CAPICOM (KB931906) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}] SkypeT 7.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}] Smileyville [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}] Spyware Doctor 7.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Spyware Doctor] Steam [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Steam] Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7] swMSM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] USB 2.0 1.3M UVC WebCam [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\USB 2.0 1.3M UVC WebCam] VC80CRTRedist - 8.0.50727.6195 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{933B4015-4618-4716-A828-5289FC03165F}] VIA Platform Device Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}] Virtual Villagers 4 The Tree of Life [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Virtual Villagers 4 The Tree of Life_is1] Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A07C35B-8384-4DA4-9A95-442B6C89A073}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite] Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}] Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B22C8566-D522-4B40-A7AF-525F5A70D832}] Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}] Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}] Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}] Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}] Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D588365A-AE39-4F27-BDAE-B4E72C8E900C}] Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C32CE55C-12BA-4951-8797-0967FDEF556F}] Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F4143A1-9C21-4011-8679-3BC1014C6886}] Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6A563426-3474-41C6-B847-42B39F1485B2}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}] Windows Live Messenger Companion Core [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}] Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BD262D0-B788-4546-A0A5-F4F56EC3834B}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}] Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}] Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}] Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C9F05151-95A9-4B9B-B534-1760E2D014A5}] Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}] Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}] Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}] Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}] Windows Live Sync [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD19EDD9-1632-4002-9212-7478E4BA0423}] Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7E017923-16F8-4E32-94EF-0A150BD196FE}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A726AE06-AAA3-43D1-87E3-70F510314F04}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}] Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{14B441B7-774D-4170-98EA-A13667AE6218}] Windows Media Player Firefox Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}] Windows Movie Maker 2.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}] WinFlash [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE10AB76-4756-4913-BE25-55D1C1051F9A}] WinRAR 4.20 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] WinRAR 5.01 (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] WinZip 17.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}] Wireless Console 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}] ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_CURRENT_USER\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\micoach deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\RunOnce: [20150107] C:\Program Files\Alwil Software\Avast5\setup\emupdate\aa068919-1a64-4dd6-a4e7-6afab5258ecb.exe /check O4 - Global Startup: FancyStart daemon.lnk = ? O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: lxcr_device - - C:\Windows\system32\lxcrcoms.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} EeeStorageBackup = C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder [null data] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} HDAudDeck = C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [VIA] HControlUser = C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [ASUS] ATKOSD2 = C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [ASUS] ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [ASUS] GrooveMonitor = "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [MS] DivXMediaServer = C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [DivX, LLC] DivXUpdate = "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [null data] SSBkgdUpdate = "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [Nuance Communications, Inc.] AvastUI.exe = "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui [Avast Software s.r.o.] Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = avast! Online Security -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [Avast Software s.r.o.] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided) -> {HKLM...CLSID} = Google Toolbar Notifier BHO \InProcServer32\(Default) = C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll [Google Inc.] -> {HKLM...Wow...CLSID} = Google Toolbar Notifier BHO \InProcServer32\(Default) = C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [Google Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\(Default) = Search Helper -> {HKLM...Wow...CLSID} = Search Helper \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [MS] {72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [Oracle Corporation] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = avast! Online Security -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [Avast Software s.r.o.] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {9FDDE16B-836F-4806-AB1F-1455CBEFF289}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Windows Live Messenger Companion Helper \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [MS] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided) -> {HKLM...CLSID} = Google Toolbar Notifier BHO \InProcServer32\(Default) = C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll [Google Inc.] -> {HKLM...Wow...CLSID} = Google Toolbar Notifier BHO \InProcServer32\(Default) = C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [Google Inc.] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShA64.dll [Avast Software s.r.o.] ADSMOverlayIcon\(Default) = {A825576B-0042-4F0F-8FB0-93CE0F054E69} -> {HKLM...CLSID} = MyOverlayIcon Class \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [null data] ADSMOverlayIcon1\(Default) = {A8D448F4-0431-45AC-9F5E-E1B434AB2249} -> {HKLM...CLSID} = ExchangeOverlayIcon Class \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [null data] AsusWSShellExt_B\(Default) = {6D4133E5-0742-4ADC-8A8C-9303440F7190} -> {HKLM...CLSID} = AsusWSShellExt_B64 Class \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [eCareme Technologies, Inc.] AsusWSShellExt_O\(Default) = {64174815-8D98-4CE6-8646-4C039977D808} -> {HKLM...CLSID} = AsusWSShellExt_O64 Class \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [eCareme Technologies, Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ ADSMOverlayIcon\(Default) = {A825576B-0042-4F0F-8FB0-93CE0F054E69} -> {HKLM...Wow...CLSID} = MyOverlayIcon Class \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [null data] ADSMOverlayIcon1\(Default) = {A8D448F4-0431-45AC-9F5E-E1B434AB2249} -> {HKLM...Wow...CLSID} = ExchangeOverlayIcon Class \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [null data] Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {b1b96b20-da1d-4a3c-92c1-7229b32f2325} = BackupContextMenuExtension -> {HKLM...CLSID} = XPClient.FileSystemBrowser.BackupContextMenuExtension.BackupContextMenuExtension \InProcServer32\(Default) = mscoree.dll [MS] {d6044399-0b9e-4084-a9ac-c4b7c7800fcf} = FolderItem -> {HKLM...CLSID} = ASUS WebStorage \InProcServer32\(Default) = mscoree.dll [MS] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\MSOHEVI.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {B41DB860-64E4-11D2-9906-E49FADC173CA} = WinRAR shell extension -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShA64.dll [Avast Software s.r.o.] {83238FAE-D346-4E12-8734-D42F7554B3E6} = DivX Thumbnail Provider -> {HKLM...CLSID} = DivX Thumbnail Provider \InProcServer32\(Default) = C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll [DivX, Inc.] {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} = DivX Property Handler -> {HKLM...CLSID} = DivX Property Handler \InProcServer32\(Default) = C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll [DivX, Inc.] {E0D79304-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] {E0D79305-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] {E0D79306-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] {E0D79307-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] {c5aec3ec-e812-4677-a9a7-4fee1f9aa000} = Icaros Thumbnail Provider -> {HKLM...CLSID} = Icaros Thumbnail Provider \InProcServer32\(Default) = C:\Program Files (x86)\K-Lite Codec Pack\Icaros\IcarosThumbnailProvider.dll [Tabibito Technology] {0c08e2bb-d10b-4cc9-b1b3-701f5be9d6ec} = IcarosPropertyHandler -> {HKLM...CLSID} = IcarosPropertyHandler.IcarosPropertyHandler \InProcServer32\(Default) = mscoree.dll [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar -> {HKLM...Wow...CLSID} = Groove Folder Synchronization \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler -> {HKLM...Wow...CLSID} = Groove GFS Stub Icon Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...Wow...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler -> {HKLM...Wow...CLSID} = Groove XML Icon Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler -> {HKLM...Wow...CLSID} = Outlook File Icon Extension \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL [MS] {00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler -> {HKLM...Wow...CLSID} = Microsoft Office Outlook \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL [MS] {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search -> {HKLM...Wow...CLSID} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\ONFILTER.DLL [MS] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll [MS] {00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided) -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Editor Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [Avast Software s.r.o.] {83238FAE-D346-4E12-8734-D42F7554B3E6} = DivX Thumbnail Provider -> {HKLM...Wow...CLSID} = DivX Thumbnail Provider \InProcServer32\(Default) = C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll [DivX, Inc.] {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} = DivX Property Handler -> {HKLM...Wow...CLSID} = DivX Property Handler \InProcServer32\(Default) = C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll [DivX, Inc.] {c5aec3ec-e812-4677-a9a7-4fee1f9aa000} = Icaros Thumbnail Provider -> {HKLM...Wow...CLSID} = Icaros Thumbnail Provider \InProcServer32\(Default) = C:\Program Files (x86)\K-Lite Codec Pack\Icaros\32-bit\IcarosThumbnailProvider.dll [Tabibito Technology] {B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters\ {120495C2-9E38-48a2-A08B-C302F7487628}\(Default) = AdsmCredentialProvider -> {HKLM...CLSID} = AdsmCredentialProvider \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [ASUSTek Computer Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\ {06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}\(Default) = FaceCredentialProvider64 -> {HKLM...CLSID} = FaceCredentialProvider64 \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [ASUS] {2AD920F6-D745-4d8b-9526-619171C2CC4D}\(Default) = AdsmCredentialProvider -> {HKLM...CLSID} = AdsmCredentialProvider \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [ASUSTek Computer Inc.] {455BD3EC-20A5-44c3-8D77-396909825B5E}\(Default) = AdsmCredentialProvider -> {HKLM...CLSID} = AdsmCredentialProvider \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [ASUSTek Computer Inc.] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945} -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ ADSMEnDecExt\(Default) = {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} -> {HKLM...CLSID} = ADSMEnDecExt Class \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [ASUSTek Computer Inc.] avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShA64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [Avast Software s.r.o.] BackupContextMenuExtension\(Default) = {b1b96b20-da1d-4a3c-92c1-7229b32f2325} -> {HKLM...CLSID} = XPClient.FileSystemBrowser.BackupContextMenuExtension.BackupContextMenuExtension \InProcServer32\(Default) = mscoree.dll [MS] DefragglerShellExtension\(Default) = {4380C993-0C43-4E02-9A7A-0D40B6EA7590} -> {HKLM...CLSID} = DefragglerShellExtension Class \InProcServer32\(Default) = C:\Program Files\Defraggler\DefragglerShell64.dll [Piriform Ltd] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShA64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [Avast Software s.r.o.] BackupContextMenuExtension\(Default) = {b1b96b20-da1d-4a3c-92c1-7229b32f2325} -> {HKLM...CLSID} = XPClient.FileSystemBrowser.BackupContextMenuExtension.BackupContextMenuExtension \InProcServer32\(Default) = mscoree.dll [MS] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ ADSMEnDecExt\(Default) = {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} -> {HKLM...CLSID} = ADSMEnDecExt Class \InProcServer32\(Default) = C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [ASUSTek Computer Inc.] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} -> {HKLM...CLSID} = GraphicsShellExt Class \InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [Intel Corporation] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShA64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\Alwil Software\Avast5\ashShell.dll [Avast Software s.r.o.] DefragglerShellExtension\(Default) = {4380C993-0C43-4E02-9A7A-0D40B6EA7590} -> {HKLM...CLSID} = DefragglerShellExtension Class \InProcServer32\(Default) = C:\Program Files\Defraggler\DefragglerShell64.dll [Piriform Ltd] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal] WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshls64.dll [WinZip Computing, S.L.] -> {HKLM...Wow...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\ disableregistrytools = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|System| Prevent access to registry editing tools} DisableTaskMgr = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKCU\Software\Policies\Microsoft\Windows\System\ disablecmd = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|System| Prevent access to the command prompt} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ DisableRegistryTools = (REG_DWORD) dword:0x00000000 {unrecognized setting} SoftwareSASGeneration = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Tanya\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\Windows\system32\Bubbles.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ MPCPlayBluRayOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayBlurayMovie HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayBlurayMovie\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %L\BDMV\INDEX.BDMV [MPC-HC Team] MPCPlayCDAudioOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayCDAudio HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /cd [MPC-HC Team] MPCPlayDVDMovieOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayDVDMovie HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /dvd [MPC-HC Team] MPCPlayMusicFilesOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayMusicFiles HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 [MPC-HC Team] MPCPlayVideoFilesOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayVideoFiles HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 [MPC-HC Team] MSLivePhotoAcquireDropHandler\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.LivePhotoAcqDTShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSLiveShowPicturesOnArrival\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] P2GCDBurningOnArrival\ Provider = Power2Go InvokeProgID = BlankCD InvokeVerb = OpenWithPower2Go HKLM\SOFTWARE\Classes\BlankCD\shell\OpenWithPower2Go\Command\(Default) = "C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" "%L" [CyberLink Corp.] P2GDVDBurningOnArrival\ Provider = Power2Go InvokeProgID = BlankDVD InvokeVerb = OpenWithPower2Go HKLM\SOFTWARE\Classes\BlankDVD\shell\OpenWithPower2Go\Command\(Default) = "C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" "%L" [CyberLink Corp.] Power2GoPlayCDAudioOnArrival\ Provider = Power2Go InvokeProgID = AudioCD InvokeVerb = PlayWithPower2Go HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPower2Go\Command\(Default) = "C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" /AudioRipper "%L" [CyberLink Corp.] WIA_{11F6DECE-FAB9-43FD-BAC0-5508A420C7B5}\ Provider = OmniPage SE 4.0 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\omnipage.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{314E8BA7-1CED-4A9F-9784-7C1399B59872}\ Provider = WinZip CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files\WinZip\WINZIP64.EXE /wia; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] Startup items in "Tanya" & "All Users" startup folders: ------------------------------------------------------- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++} FancyStart daemon -> shortcut to: C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe -d [null data] Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks ACMON -> launches: C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [ATK] Adobe Acrobat Update Task -> launches: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [Adobe Systems Incorporated] Adobe Flash Player Updater -> launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated] ASPG -> launches: C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [ASUS] ASUS Live Update -> launches: C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [empty string] ASUS P4G -> launches: C:\Program Files\P4G\BatteryLife.exe [ATK] ASUS SmartLogon Console Sensor -> launches: C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [ASUS] ASUSControlDeck -> launches: C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [null data] avast! Emergency Update -> (HIDDEN!) launches: C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [Avast Software s.r.o.] CCleanerSkipUAC -> launches: "C:\Program Files (x86)\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS] Google Software Updater -> launches: C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start [Google] GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] P4G Sidebar -> launches: C:\Program Files\Windows Sidebar\sidebar.exe [MS] RealPlayerRealUpgradeLogonTaskS-1-5-21-3346191541-85200542-3152490922-1000 -> launches: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck [file not found] RealPlayerRealUpgradeScheduledTaskS-1-5-21-3346191541-85200542-3152490922-1000 -> launches: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck [file not found] WC3 -> launches: C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [null data] {0BB17E75-B596-4F7E-9843-D5F7D0560E3D} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Tanya\Desktop\Laxius_Force_II.exe -d C:\Users\Tanya\Desktop [MS] {0EAB7451-1F25-47B9-9F76-AE2D3B5E5184} -> launches: C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\java\jre6\bin\javaw.exe" -c -jar "C:\Program Files (x86)\adidas\miCoach Manager\uninstaller\uninstaller.jar" [MS] {10E77787-8697-4BFE-9104-FC06154A29B4} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Tanya\Desktop\ViperClientSetup.exe -d C:\Users\Tanya\Desktop [MS] {1189E330-54AB-48D6-A832-7C03FFF70F88} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Tanya\Desktop\dilloDIE.exe -d C:\Users\Tanya\Desktop [MS] {1FFE4CC3-F475-4824-B4CF-FFB73682EFD4} -> launches: "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.6.60.106/nl/abandoninstall?page=tsBing [Mozilla Corporation] {5D24ED1C-3588-4E6E-83EC-7780B2145142} -> launches: E:\Install\Setup.exe [file not found] {8B2C7D38-A41B-457E-B1D1-E08F07C23184} -> launches: C:\Windows\system32\pcalua.exe -a E:\Install\Setup.exe -d E:\Install [MS] {B5631D75-FB13-4B2D-992D-060A4C3A3B1E} -> launches: E:\Install\Setup.exe [file not found] {BF2AE53E-35FD-47D1-A48F-DAC17880927A} -> launches: C:\Program Files (x86)\Skype\\Phone\Skype.exe [Skype Technologies S.A.] {E0DABBE5-4F0E-4F98-B33E-470679372F07} -> launches: C:\Windows\system32\pcalua.exe -a D:\Spelletjes\Uninstal.exe [MS] {EF162525-3C90-4538-81B0-CC510231D46F} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Tanya\Desktop\jxpiinstall.exe -d C:\Users\Tanya\Desktop [MS] {F291AACD-C831-49F6-8765-28AAF1625F6D} -> launches: E:\Install\Setup.exe [file not found] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] -> {HKLM...Wow...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance WinSAT -> launches: {A9A33436-678B-4C9C-A211-7CC38785E79D} -> {HKLM...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Media Center ActivateWindowsSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS] ConfigureInternetTimeService -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS] DispatchRecoveryTasks -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS] ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS] InstallPlayReady -> launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS] mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS] mcupdate_scheduled -> launches: %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 [MS] MediaCenterRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS] ObjectStoreRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS] OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS] OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS] PBDADiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS] PBDADiscoveryW1 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS] PBDADiscoveryW2 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS] PvrRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS] PvrScheduleTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS] RegisterSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS] ReindexSearchRoot -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS] SqlLiteRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS] StartRecording -> launches: %SystemRoot%\ehome\ehrec /StartRecording [MS] UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} -> {HKLM...CLSID} = HotStart User Agent \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI Lpksetup -> launches: C:\Windows\System32\lpksetup.exe -v [MS] LPRemove -> launches: %windir%\system32\lpremove.exe [MS] Mcbuilder -> launches: C:\Windows\System32\mcbuilder.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx launchtrayprocess -> launches: %windir%\system32\GWX\GWX.exe /tasklaunch [MS] refreshgwxconfig -> launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} -> {HKLM...CLSID} = GadgetsManager Class \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] -> {HKLM...Wow...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip IpAddressConflict1 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS] IpAddressConflict2 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS] ValidationTaskDeadline -> (HIDDEN!) launches: %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup ConfigNotification -> launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] -> {HKLM...Wow...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows Defender MP Scheduled Scan -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan [MS] MpIdleTask -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe -IdleTask -TaskName MpIdleTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1} -> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-3346191541-85200542-3152490922-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000006\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000007\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000008\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000006\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000007\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000008\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {0000036B-C524-4050-81A0-243669A86B9F}\ ButtonText = @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 CLSIDExtension = {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} -> {HKLM...Wow...CLSID} = Windows Live Messenger Companion Command Bar Button \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [MS] {219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\ ButtonText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 MenuText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC} -> {HKLM...Wow...CLSID} = BlogThisToolbarButton Class \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [MS] {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Verzenden naar OneNote MenuText = Verz&enden naar OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...Wow...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll [MS] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ ButtonText = Research BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503} -> {HKLM...Wow...CLSID} = &Onderzoeken \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [MS] Miscellaneous IE Hijack Points ------------------------------ HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\ <> InPrivate = res://ieframe.dll/inprivate_win7.htm [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated] ADSM Service, ADSMService, C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [ASUSTek Computer Inc.] AFBAgent, AFBAgent, "C:\Windows\system32\FBAgent.exe" [ASUSTeK Computer Inc.] ASLDR Service, ASLDRService, C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [ASUS] ATKGFNEX Service, ATKGFNEXSrv, C:\Program Files\ATKGFNEX\GFNEXSrv.exe [null data] Avast Antivirus, avast! Antivirus, "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [Avast Software s.r.o.] Diagnostics Tracking Service, DiagTrack, C:\Windows\System32\svchost.exe -k utcsvc {C:\Windows\system32\diagtrack.dll [MS]} lxcr_device, lxcr_device, C:\Windows\system32\lxcrcoms.exe -service [ ] Oberon Media Game Console service, OberonGameConsoleService, "C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe" [null data] SeaPort, SeaPort, "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [MS] Steam Client Service, Steam Client Service, "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [Valve Corporation] Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> hitmanpro37, <> hitmanpro37.sys, <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> hitmanpro37, <> hitmanpro37.sys, <> PEVSystemStart, Service Keyboard Driver Filters: ------------------------ HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}\ <> UpperFilters = <> PCTCore [file not found],kbdclass [MS] Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ 2400 Series Port\Driver = lxcrlmpm.dll [ ] BJ Language Monitor4\Driver = CNBLM4.DLL [CANON INC.] Canon BJ Language Monitor MP160\Driver = CNMLM83.DLL [CANON INC.] <>: Suspicious data at a browser hijack point. ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tanya\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Tanya\AppData\Local\Mozilla\Firefox\Profiles\87yl2w52.default-1404823525968\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Tanya\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=21 folders=20 14110881 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\temp emptied successfully C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\Tanya\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Tanya\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 26/05/2015 at 0:46:06,57 ======================