Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Zakelijk - Estate Pl on ma 20/07/2015 at 15:04:08.28. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Zakelijk - Estate Pl\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-07-14-141658.log 62932 bytes C:\zoek-results2015-07-20-104404.log 12535 bytes C:\zoek-results2015-07-20-121354.log 1290 bytes ==== Running Processes ====================== C:\Program Files (x86)\BrytonBridge2\BBService.exe C:\Program Files (x86)\BrytonBridge2\BBDaemon.exe C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe C:\Windows\system32\hasplms.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Nero\Update\NASvc.exe F:\CDBurnerXP\NMSAccessU.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\Program Files (x86)\Polar\Daemon\polard.exe C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe C:\Windows\SysWOW64\conime.exe C:\Windows\SysWOW64\conime.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe F:\VLC Streamer\VLC Streamer Configuration.exe C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Program Files (x86)\BrytonBridge2\BrytonBridge2.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\SysWOW64\aetcrss1.exe C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\Acrobat.exe C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Zakelijk - Estate Pl\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Services(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [Apple Mobile Device Service] - Apple Mobile Device Service - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe R2 - [BBService] - Bryton Bridge Service - c:\program files (x86)\brytonbridge2\bbservice.exe R2 - [BingDesktopUpdate] - Bing Desktop Update service - c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe R2 - [Bonjour Service] - Bonjour-service - c:\program files\bonjour\mdnsresponder.exe R2 - [hasplms] - HASP License Manager - c:\windows\system32\hasplms.exe R2 - [MSCamSvc] - MSCamSvc - c:\program files (x86)\microsoft lifecam\mscams64.exe R2 - [MsMpSvc] - Microsoft Antimalware Service - c:\program files\microsoft security client\msmpeng.exe R2 - [MSSQL$ACT7] - SQL Server (ACT7) - f:\program files\mssql10_50.act7\mssql\binn\sqlservr.exe R2 - [NAUpdate] - Nero Update - c:\program files (x86)\nero\update\nasvc.exe R2 - [NMSAccessU] - NMSAccessU - f:\cdburnerxp\nmsaccessu.exe R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe R2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe R2 - [PCToolsSSDMonitorSvc] - PC Tools Startup and Shutdown Monitor service - c:\program files (x86)\common files\pc tools\smonitor\startmansvc.exe R2 - [Polar Daemon] - Polar Daemon - c:\program files (x86)\polar\daemon\polard.exe R2 - [PSI_SVC_2] - Protexis Licensing V2 - c:\program files (x86)\common files\protexis\license service\psiservice_2.exe R2 - [slsvc] - Software Licensing - c:\windows\system32\slsvc.exe R2 - [SQLBrowser] - SQL Server Browser - c:\program files (x86)\microsoft sql server\90\shared\sqlbrowser.exe R2 - [SQLWriter] - SQL Server VSS Writer - c:\program files\microsoft sql server\90\shared\sqlwriter.exe R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R3 - [BBUpdate] - BBUpdate - c:\program files (x86)\microsoft\bingbar\7.1.362.0\seaport.exe R3 - [FLEXnet Licensing Service] - FLEXnet Licensing Service - c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe R3 - [iPod Service] - iPod-service - c:\program files\ipod\bin\ipodservice.exe R3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe R3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe R3 - [WPFFontCache_v0400] - Windows Presentation Foundation Font Cache 4.0.0.0 - c:\windows\microsoft.net\framework64\v4.0.30319\wpf\wpffontcache_v0400.exe S2 - [BBSvc] - BingBar Service - c:\program files (x86)\microsoft\bingbar\7.1.362.0\bbsvc.exe S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe S2 - [gupdate] - Google Updateservice (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe S2 - [syshost32] - syshost32 - c:\windows\installer\{464336c9-2bc6-646d-79b6-f96259942a86}\syshost.exe [x] S2 - [Time] - Time - c:\programdata\microsoft\windows\time\time-svc.exe [x] S3 - [Adobe Version Cue CS4] - Adobe Version Cue CS4 - c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [DFSR] - DFS Replication - c:\windows\system32\dfsr.exe S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe S3 - [Fabs] - FABS - Helping agent for MAGIX media database - c:\program files (x86)\common files\magix services\database\bin\fabs.exe S3 - [FirebirdServerMAGIXInstance] - Firebird Server - MAGIX Instance - c:\program files (x86)\common files\magix services\database\bin\fbserver.exe S3 - [FLEXnet Licensing Service 64] - FLEXnet Licensing Service 64 - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe S3 - [Futuremark SystemInfo Service] - Futuremark SystemInfo Service - c:\program files (x86)\futuremark\futuremark systeminfo\fmsisvc.exe S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [gusvc] - Google Software Updater - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe S3 - [LBTServ] - Logitech Bluetooth Service - c:\program files\common files\logitech\bluetooth\lbtserv.exe S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [MSSQLServerADHelper100] - SQL Active Directory Helper Service - c:\program files\microsoft sql server\100\shared\sqladhlp.exe S3 - [NisSrv] - Microsoft Network Inspection - c:\program files\microsoft security client\nissrv.exe S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe S3 - [wampapache] - wampapache - f:\wamp\bin\apache\apache2.2.21\bin\httpd.exe S3 - [wampmysqld] - wampmysqld - f:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe S4 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe S4 - [SQLAgent$ACT7] - SQL Server Agent (ACT7) - f:\program files\mssql10_50.act7\mssql\binn\sqlagent.exe ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-2883450986-3951649885-2188304626-1012\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Spotify"="C:\users\frederic\appdata\roaming\spotify\spotify.exe /uri spotify:autostart" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-2883450986-3951649885-2188304626-1013\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "ABIT uGuruIII"="F:\U-ABIT\uGuru\LaunchuGuru.exe" "Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe -SpeechUX -Startup" "Hobbyist Software VLC Streamer"="F:\VLC Streamer\VLC Streamer Configuration.exe /startup" "Spotify Web Helper"="C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Spotify"="C:\users\frederic\AppData\Roaming\Spotify\spotify.exe -autostart -minimized" "Dropbox Update"="C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "Web Companion"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -update activex" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -update activex" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CertificateRegistration"="aetcrss1.exe" "LogitechCommunicationsManager"="C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Adobe Acrobat Speed Launcher"="F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\Acrobat_sl.exe" "Adobe_ID0ENQBO"="C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "ABIT uGuruIII"="F:\U-ABIT\uGuru\LaunchuGuru.exe" "Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe -SpeechUX -Startup" "Hobbyist Software VLC Streamer"="F:\VLC Streamer\VLC Streamer Configuration.exe /startup" "Spotify Web Helper"="C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Spotify"="C:\users\frederic\AppData\Roaming\Spotify\spotify.exe -autostart -minimized" "Dropbox Update"="C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "Web Companion"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ProfilerU"="C:\Program Files\Saitek\SD6\Software\ProfilerU.exe" "SaiMfd"="C:\Program Files\Saitek\SD6\Software\SaiMfd.exe" "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "command"="\"F:\\Adobe CS4 Master Collection\\Acrobat 9.0\\Acrobat\\Acrotray.exe\"" "hkey"="HKLM" "item"="Acrobat Assistant 8.0" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Act! Preloader] "command"="\"F:\\ACT\\ActSage.exe\" -preload" "hkey"="HKLM" "item"="Act! Preloader" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Act.Outlook.Service] "command"="\"F:\\ACT\\Act.Outlook.Service.exe\"" "hkey"="HKLM" "item"="Act.Outlook.Service" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS4ServiceManager] "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe\" -launchedbylogin" "hkey"="HKLM" "item"="AdobeCS4ServiceManager" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "hkey"="HKLM" "item"="APSDaemon" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" "hkey"="HKLM" "item"="BCSSync" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BingDesktop] "command"="C:\\Program Files (x86)\\Microsoft\\BingDesktop\\BingDesktop.exe /fromkey" "hkey"="HKLM" "item"="BingDesktop" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrMfcWnd] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BrMfcWnd" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe\" /AUTORUN" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Quick Search Box] "command"="\"C:\\Program Files (x86)\\Google\\Quick Search Box\\GoogleQuickSearchBox.exe\" /autorun" "hkey"="HKLM" "item"="Google Quick Search Box" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch] "command"="\"C:\\Program Files (x86)\\ScanSoft\\PaperPort\\IndexSearch.exe\"" "hkey"="HKLM" "item"="IndexSearch" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LifeCam] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LifeCam" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft LifeCam\\LifeExp.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LVCOMSX] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LVCOMSX" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\LogiShrd\\LComMgr\\LVComSX.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBAgent" "hkey"="HKLM" "command"="\"F:\\Nero 10\\Nero BackItUp\\NBAgent.exe\" /WinStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD] "command"="\"C:\\Program Files (x86)\\ScanSoft\\PaperPort\\pptd40nt.exe\"" "hkey"="HKLM" "item"="PaperPort PTD" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PPort11reminder] "command"="c:\\program files (x86)\\scansoft\\paperport\\ereg\\ereg.exe\" -r \"c:\\programdata\\scansoft\\paperport\\11\\config\\ereg\\ereg.ini" "hkey"="HKLM" "item"="PPort11reminder" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skytel] "command"="Skytel.exe" "hkey"="HKLM" "item"="Skytel" "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\users\\frederic\\appdata\\roaming\\spotify\\spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "command"="\"C:\\Users\\Zakelijk - Estate Pl\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\"" "hkey"="HKCU" "item"="Spotify Web Helper" "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Steam" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\" -osboot" "hkey"="HKLM" "item"="TkBellExe" "key"="Software\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VX1000] "command"="C:\\Windows\\vVX1000.exe" "hkey"="HKLM" "item"="VX1000" "key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Polar WebSync.lnk] "backup"="C:\\Windows\\pss\\Polar WebSync.lnkCommon Startup" "command"="C:\\Windows\\Installer\\{1A1F27A2-599F-46BC-B904-1053B3A4CFEB}\\WebSync.exe2_4B58E052B1C94BE0AC42D7A472F5A651.exe " "item"="Polar WebSync" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Polar WebSync.lnk" "backupExtension"="Common Startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sage ACT! Outlook Sync.lnk] "backup"="C:\\Windows\\pss\\Sage ACT! Outlook Sync.lnkCommon Startup" "command"="F:\\ACT\\Act.Outlook.Sync.exe D" "item"="Sage ACT! Outlook Sync" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Sage ACT! Outlook Sync.lnk" "backupExtension"="Common Startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\WinZip Quick Pick.lnk" "backup"="C:\\Windows\\pss\\WinZip Quick Pick.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\WinZip\\WZQKPICK.EXE " "item"="WinZip Quick Pick" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Frederic^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ch8l0.exe.lnk] "path"="C:\\Users\\Frederic\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\ch8l0.exe.lnk" "backup"="C:\\Windows\\pss\\ch8l0.exe.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Windows\\System32\\rundll32.exe C:\\Users\\Frederic\\AppData\\Local\\Temp\\ch8l0.exe,NameFunEx" "item"="ch8l0.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Frederic^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Frederic\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Frederic\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe " "item"="Dropbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Zakelijk - Estate Pl^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk] "backup"="C:\\Windows\\pss\\EvernoteClipper.lnkStartup" "command"="C:\\Program Files (x86)\\Evernote\\Evernote\\EvernoteClipper.exe " "item"="EvernoteClipper" "path"="C:\\Users\\Zakelijk - Estate Pl\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\EvernoteClipper.lnk" "backupExtension"="Startup" ==== Startup Folders ====================== 2015-07-18 08:14:34 1082 ----a-w- C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-03-17 20:16:33 932 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BrytonBridge2.lnk 2008-10-18 13:58:01 2214 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk 2008-10-18 14:21:16 1695 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Ad-Aware Update (Daily 1).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [] C:\Windows\tasks\Ad-Aware Update (Daily 2).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [] C:\Windows\tasks\Ad-Aware Update (Daily 3).job --a------ [Undetermined Task] C:\Windows\tasks\Ad-Aware Update (Daily 4).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [] C:\Windows\tasks\Ad-Aware Update (Weekly).job --a------ C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/07/2015 20:21] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2883450986-3951649885-2188304626-1013Core.job --a------ C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe [17/06/2015 19:02] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2883450986-3951649885-2188304626-1013UA.job --a------ C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe [17/06/2015 19:02] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/10/2014 03:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/10/2014 03:01] C:\Windows\tasks\RMSchedule.job --a------ C:\PC Tools Registry Mechanic\RegMech.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Ad-Aware Update (Daily 1)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\SysNative\tasks\Ad-Aware Update (Daily 2)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\SysNative\tasks\Ad-Aware Update (Daily 3)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\SysNative\tasks\Ad-Aware Update (Daily 4)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\SysNative\tasks\Ad-Aware Update (Weekly)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2883450986-3951649885-2188304626-1013Core" [C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2883450986-3951649885-2188304626-1013UA" [C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-2883450986-3951649885-2188304626-1013" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-2883450986-3951649885-2188304626-1013" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RMSchedule" [F:\PC Tools Registry Mechanic\RegMech.exe] "C:\Windows\SysNative\tasks\RMSmartUpdate" ["F:\PC Tools Registry Mechanic\update.exe"] "C:\Windows\SysNative\tasks\Start Evernote Client" [C:\Program Files (x86)\Evernote\Evernote\Evernote.exe] "C:\Windows\SysNative\tasks\{10881387-E95C-476C-B6C9-BA6BC0732604}" [C:\Program Files (x86)\Skype\Phone\Skype.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [MS] swg = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [Google Inc.] ABIT uGuruIII = F:\U-ABIT\uGuru\LaunchuGuru.exe [null data] Speech Recognition = "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup [MS] Hobbyist Software VLC Streamer = "F:\VLC Streamer\VLC Streamer Configuration.exe" /startup [null data] Spotify Web Helper = "C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [Spotify Ltd] Spotify = "C:\users\frederic\AppData\Roaming\Spotify\spotify.exe" -autostart -minimized [Spotify Ltd] Dropbox Update = "C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c [Dropbox, Inc.] Web Companion = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [file not found] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} LXBUCATS = rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXBUtime.dll,RunDLLEntry [MS] ProfilerU = C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [Saitek] SaiMfd = C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [Saitek] Kernel and Hardware Abstraction Layer = KHALMNPR.EXE [Logitech, Inc.] Nvtmru = "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [NVIDIA Corporation] iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" [Apple Inc.] MSC = "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} CertificateRegistration = aetcrss1.exe [A.E.T. Europe B.V.] LogitechCommunicationsManager = "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [Logitech Inc.] Adobe Reader Speed Launcher = "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [Adobe Systems Incorporated] Adobe Acrobat Speed Launcher = "F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [Adobe Systems Incorporated] Adobe_ID0ENQBO = C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [Adobe Systems Incorporated] Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated] SSDMonitor = "C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [PC Tools] ControlCenter3 = "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun [Brother Industries, Ltd.] SSBkgdUpdate = "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [Nuance Communications, Inc.] JMB36X IDE Setup = C:\Windows\RaidTool\xInsIDE.exe [null data] SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Oracle Corporation] QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [Apple Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided) -> {HKLM...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] -> {HKLM...Wow...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] {B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO -> {HKLM...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [MS] -> {HKLM...Wow...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {0347C33E-8762-4905-BF09-768834316C61}\(Default) = HP Print Enhancer -> {HKLM...CLSID} = HP Print Enhancer \InProcServer32\(Default) = [file not found] -> {HKLM...Wow...CLSID} = HP Print Enhancer \InProcServer32\(Default) = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [Hewlett-Packard Co.] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Adobe PDF Reader Link Helper \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe Systems Incorporated] {074C1DC5-9320-4A9A-947D-C042949C6216}\(Default) = (no title provided) -> {HKLM...CLSID} = ContributeBHO Class \InProcServer32\(Default) = [file not found] -> {HKLM...Wow...CLSID} = ContributeBHO Class \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\/Adobe Contribute CS4/contributeieplugin.dll [Adobe Systems Incorporated.] {18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub -> {HKLM...CLSID} = Adobe PDF Link Helper \InProcServer32\(Default) = [file not found] -> {HKLM...Wow...CLSID} = Adobe PDF Link Helper \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated] {3049C3E9-B461-4BC5-8870-4C09146192CA}\(Default) = (no title provided) -> {HKLM...CLSID} = RealPlayer Download and Record Plugin for Internet Explorer \InProcServer32\(Default) = [file not found] -> {HKLM...Wow...CLSID} = RealPlayer Download and Record Plugin for Internet Explorer \InProcServer32\(Default) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [RealPlayer] {72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided) -> {HKLM...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [Oracle Corporation] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {92EF2EAD-A7CE-4424-B0DB-499CF856608E}\(Default) = (no title provided) -> {HKLM...CLSID} = Evernote extension \InProcServer32\(Default) = C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll [Evernote Corp., 305 Walnut Street, Redwood City, CA 94063] -> {HKLM...Wow...CLSID} = Evernote extension \InProcServer32\(Default) = C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [Evernote Corp., 305 Walnut Street, Redwood City, CA 94063] {AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided) -> {HKLM...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] -> {HKLM...Wow...CLSID} = Google Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] {AE7CD045-E861-484f-8273-0445EE161910}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Adobe PDF Conversion Toolbar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe Systems Incorporated] {B4F3A835-0E21-4959-BA22-42B3008E02FF}\(Default) = URLRedirectionBHO -> {HKLM...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [MS] -> {HKLM...Wow...CLSID} = Office Document Cache Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [MS] {d2ce3e00-f94a-4740-988e-03dc2f38c34f}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Bing Bar Helper \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [Microsoft Corporation.] {D5233FCD-D258-4903-89B8-FB1568E7413D}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile \InProcServer32\(Default) = mscoree.dll [MS] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [Oracle Corporation] {F4971EE7-DAA0-4053-9964-665D8EE6A077}\(Default) = SmartSelect -> {HKLM...Wow...CLSID} = SmartSelect Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe Systems Incorporated] {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\(Default) = HP Smart BHO Class -> {HKLM...Wow...CLSID} = HP Smart BHO Class \InProcServer32\(Default) = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [Hewlett-Packard Co.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt1 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt2 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt5 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt4\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt6 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt5\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt3 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt6\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt7 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt7\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt4 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt8\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt8 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -> {HKLM...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] SmartFTP Drop\(Default) = {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} -> {HKLM...CLSID} = SmartFTP Drop ShellIconOverlayHandler \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt1 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt2 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt5 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt4\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt6 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt5\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt3 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt6\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt7 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt7\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt4 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt8\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt8 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] "DropboxExt1"\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt1 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] "DropboxExt2"\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt2 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] "DropboxExt3"\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt5 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] "DropboxExt4"\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt6 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] "DropboxExt5"\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt3 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] "DropboxExt6"\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt7 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] "DropboxExt7"\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt4 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] "DropboxExt8"\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt8 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt1 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt2 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt3 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt4\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt4 Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class -> {HKLM...CLSID} = DesktopContext Class \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation] {DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} = Logitech Setpoint Extension -> {HKLM...CLSID} = KbLogiExt Class \InProcServer32\(Default) = C:\Program Files\Logitech\SetPoint\kbcplext.dll [Logitech, Inc.] {B9B9F083-2B04-452A-8691-83694AC1037B} = Logitech Setpoint Extension -> {HKLM...CLSID} = LogiExt Class \InProcServer32\(Default) = C:\Program Files\Logitech\SetPoint\mcplext.dll [Logitech, Inc.] {E0D79304-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] {E0D79305-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] {E0D79306-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] {E0D79307-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] {23170F69-40C1-278A-1000-000100020000} = 7-Zip Shell Extension -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = Adobe.Acrobat.ContextMenu -> {HKLM...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [Adobe Systems Inc.] {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} = SmartFTP ContextMenu -> {HKLM...CLSID} = SmartFTP ContextMenu Shell Extension \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] {2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} = SmartFTP Drop Handler -> {HKLM...CLSID} = ShellDragDropHandler Class \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] {40FDFA48-5F4E-4627-A78E-6A49A3D4492F} = SmartFTP ShellDropHandler -> {HKLM...CLSID} = SmartFTP ShellDropHandler Class \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} = SmartFTP Drop ShellIconOverlayHandler -> {HKLM...CLSID} = SmartFTP Drop ShellIconOverlayHandler \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] {EB5EE1F3-041A-4c03-9D51-2BEC6715FB00} = SmartFTP Search Shell Namespace Extension -> {HKLM...CLSID} = ShellFolderSearchRoot Class \InProcServer32\(Default) = F:\SmartFTP Client\sfFTPShellExtension.dll [SmartSoft Ltd.] {119310E6-5FB7-4eeb-BEDB-9E229E76B9B4} = SmartFTP MultiUpload Shell Namespace Extension -> {HKLM...CLSID} = ShellFolderMultiUploadDestination Class \InProcServer32\(Default) = F:\SmartFTP Client\sfFTPShellExtension.dll [SmartSoft Ltd.] {3B164627-7060-47BB-A1BE-DF5540B02821} = SmartFTP MultiUpload Shell Namespace Extension -> {HKLM...CLSID} = ShellFolderMultiUploadSource Class \InProcServer32\(Default) = F:\SmartFTP Client\sfFTPShellExtension.dll [SmartSoft Ltd.] {82AA9188-44E0-40B9-B956-43A10C315B4F} = SmartFTP Shell Namespace Extension -> {HKLM...CLSID} = RootShellFolder Class \InProcServer32\(Default) = F:\SmartFTP Client\sfFTPShellExtension.dll [SmartSoft Ltd.] {FD504287-1372-40d2-ACA6-216A8FCC243D} = SmartFTP Favorites Namespace -> {HKLM...CLSID} = SmartFTP FavoritesShellFolder Class \InProcServer32\(Default) = F:\SmartFTP Client\sfFavoritesShellExtension.dll [SmartSoft Ltd.] {0848278D-D88B-445b-BEDC-7DFBDB061F5F} = SmartFTP Shell Namespace Extension -> {HKLM...CLSID} = SmartFTP FavoritesShellFolderDesktop class \InProcServer32\(Default) = F:\SmartFTP Client\sfFavoritesShellExtension.dll [SmartSoft Ltd.] {6E0A0931-B89D-45B7-8BF0-F221A6D67257} = SmartFTP Favorites Namespace -> {HKLM...CLSID} = ShellFolderRoot Class \InProcServer32\(Default) = F:\SmartFTP Client\sfFavoritesShellExtension.dll [SmartSoft Ltd.] {7568C3F3-DF7E-436A-95C2-772819DF58B4} = SmartFTP Favorites Namespace -> {HKLM...CLSID} = ShellFolderExternal Class \InProcServer32\(Default) = F:\SmartFTP Client\sfFavoritesShellExtension.dll [SmartSoft Ltd.] {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} = Revo Uninstaller Pro Extension -> {HKLM...CLSID} = RUShellExt Class \InProcServer32\(Default) = F:\Revo Uninstaller Pro\RUExt.dll [VS Revo Group] {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} = Groove Namespace Extension -> {HKLM...CLSID} = Workspaces \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\VISSHE.DLL [MS] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper -> {HKLM...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar -> {HKLM...CLSID} = Groove Folder Synchronization \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler -> {HKLM...CLSID} = Groove GFS Stub Icon Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {HKLM...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler -> {HKLM...CLSID} = Groove XML Icon Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] {7CCA70DB-DE7A-4FB7-9B2B-52E2335A3B5A} = Nameext -> {HKLM...CLSID} = Enterprise Projects \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\NAMEEXT.DLL [MS] {0006F045-0000-0000-C000-000000000046} = Microsoft Outlook Custom Icon Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL [MS] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll [MS] {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes -> {HKLM...CLSID} = iTunes \InProcServer32\(Default) = C:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.] {09A47860-11B0-4DA5-AFA5-26D86198A780} = EPP -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~4\shellext.dll [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices -> {HKLM...Wow...CLSID} = Portable Media Devices \InProcServer32\(Default) = C:\Windows\system32\audiodev.dll [file not found] {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = Adobe.Acrobat.ContextMenu -> {HKLM...Wow...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [Adobe Systems Inc.] {F764812A-132C-4013-9960-5CBBEB408A0E} = Nero Shell Extension -> {HKLM...Wow...CLSID} = NeroShellExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG] {23170F69-40C1-278A-1000-000100020000} = 7-Zip Shell Extension -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = Shell Extensions for RealOne Player -> {HKLM...Wow...CLSID} = RealOne Player Context Menu Class \InProcServer32\(Default) = C:\Program Files (x86)\Real\RealPlayer\rpshell.dll [RealNetworks, Inc.] {4B9576CF-00E1-4578-89AE-83ED6D503E93} = FKS Shell Extension - IconHandler -> {HKLM...Wow...CLSID} = FSFKShell.FKSIcon \InProcServer32\(Default) = F:\Microsoft Flight Simulator X addons\FSFKShell.dll [file not found] {798082EF-407A-4788-AAD8-CFB2CFF105DA} = CSE Shell Extension - IconHandler -> {HKLM...Wow...CLSID} = FSFKShell.CSEIcon \InProcServer32\(Default) = F:\Microsoft Flight Simulator X addons\FSFKShell.dll [file not found] {D0B00EE6-CFBA-4462-9872-75F8690526FE} = FSP Shell Extension - IconHandler -> {HKLM...Wow...CLSID} = FSFKShell.FSPIcon \InProcServer32\(Default) = F:\Microsoft Flight Simulator X addons\FSFKShell.dll [file not found] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll [MS] {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} = Groove Namespace Extension -> {HKLM...Wow...CLSID} = Workspaces \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...Wow...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...Wow...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...Wow...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL [MS] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar -> {HKLM...Wow...CLSID} = Groove Folder Synchronization \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...Wow...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler -> {HKLM...Wow...CLSID} = Groove GFS Stub Icon Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler -> {HKLM...Wow...CLSID} = Groove XML Icon Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {00020D75-0000-0000-C000-000000000046} = Microsoft Outlook Desktop Icon Handler -> {HKLM...Wow...CLSID} = Microsoft Outlook \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\MLSHEXT.DLL [MS] {0006F045-0000-0000-C000-000000000046} = Microsoft Outlook Custom Icon Handler -> {HKLM...Wow...CLSID} = Outlook File Icon Extension \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <> {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ <> {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = {807573E5-5146-11D5-A672-00B0D022E945} -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [MS] HKCU\Software\Classes\*\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKCU...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] Adobe.Acrobat.ContextMenu\(Default) = {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} -> {HKLM...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [Adobe Systems Inc.] -> {HKLM...Wow...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [Adobe Systems Inc.] EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~4\shellext.dll [MS] LavasoftShellExt\(Default) = {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} -> {HKLM...CLSID} = Lavasoft Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [file not found] MagicISO\(Default) = {DB85C504-C730-49DD-BEC1-7B39C6103B7A} -> {HKLM...CLSID} = MShellExtMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\MagicISO\misosh64.dll [MagicISO, Inc.] SmartFTP\(Default) = {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} -> {HKLM...CLSID} = SmartFTP ContextMenu Shell Extension \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = NBShellHook Class \InProcServer32\(Default) = F:\Nero 10\Nero BackItUp\NBShell.dll [Nero AG] {F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = NeroShellExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG] HKLM\SOFTWARE\Classes\Wow6432Node\*\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] Adobe.Acrobat.ContextMenu\(Default) = {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} -> {HKLM...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [Adobe Systems Inc.] -> {HKLM...Wow...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [Adobe Systems Inc.] EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~4\shellext.dll [MS] LavasoftShellExt\(Default) = {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} -> {HKLM...CLSID} = Lavasoft Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [file not found] MagicISO\(Default) = {DB85C504-C730-49DD-BEC1-7B39C6103B7A} -> {HKLM...CLSID} = MShellExtMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\MagicISO\misosh64.dll [MagicISO, Inc.] SmartFTP\(Default) = {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} -> {HKLM...CLSID} = SmartFTP ContextMenu Shell Extension \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = NBShellHook Class \InProcServer32\(Default) = F:\Nero 10\Nero BackItUp\NBShell.dll [Nero AG] {F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = NeroShellExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG] HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\ NBShellHook\(Default) = {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0} -> {HKLM...Wow...CLSID} = NBShellHook Class \InProcServer32\(Default) = F:\Nero 10\Nero BackItUp\NBShell.dll [Nero AG] HKLM\SOFTWARE\Classes\Wow6432Node\*\shellex\DragDropHandlers\ NBShellHook\(Default) = {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0} -> {HKLM...Wow...CLSID} = NBShellHook Class \InProcServer32\(Default) = F:\Nero 10\Nero BackItUp\NBShell.dll [Nero AG] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {C95FFEAE-A32E-4122-A5C4-49B5BFB69795}\(Default) = {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} -> {HKLM...CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] -> {HKLM...Wow...CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] HKLM\SOFTWARE\Classes\Wow6432Node\AllFilesystemObjects\shellex\ContextMenuHandlers\ XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {C95FFEAE-A32E-4122-A5C4-49B5BFB69795}\(Default) = {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} -> {HKLM...CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] -> {HKLM...Wow...CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKCU...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~4\shellext.dll [MS] MagicISO\(Default) = {DB85C504-C730-49DD-BEC1-7B39C6103B7A} -> {HKLM...CLSID} = MShellExtMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\MagicISO\misosh64.dll [MagicISO, Inc.] SmartFTP\(Default) = {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} -> {HKLM...CLSID} = SmartFTP ContextMenu Shell Extension \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = NeroShellExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG] HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~4\shellext.dll [MS] MagicISO\(Default) = {DB85C504-C730-49DD-BEC1-7B39C6103B7A} -> {HKLM...CLSID} = MShellExtMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\MagicISO\misosh64.dll [MagicISO, Inc.] SmartFTP\(Default) = {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} -> {HKLM...CLSID} = SmartFTP ContextMenu Shell Extension \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {F764812A-132C-4013-9960-5CBBEB408A0E}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = NeroShellExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll [Nero AG] HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\ FileZilla3CopyHook\(Default) = {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} -> {HKLM...CLSID} = FileZilla 3 Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll [null data] -> {HKLM...Wow...CLSID} = FileZilla 3 Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll [null data] HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\CopyHookHandlers\ FileZilla3CopyHook\(Default) = {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} -> {HKLM...CLSID} = FileZilla 3 Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll [null data] -> {HKLM...Wow...CLSID} = FileZilla 3 Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll [null data] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] SmartFTP Drop Handler\(Default) = {2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} -> {HKLM...CLSID} = ShellDragDropHandler Class \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\DragDropHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] SmartFTP Drop Handler\(Default) = {2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} -> {HKLM...CLSID} = ShellDragDropHandler Class \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKCU...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {C95FFEAE-A32E-4122-A5C4-49B5BFB69795}\(Default) = {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} -> {HKLM...CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] -> {HKLM...Wow...CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] HKLM\SOFTWARE\Classes\Wow6432Node\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {C95FFEAE-A32E-4122-A5C4-49B5BFB69795}\(Default) = {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} -> {HKLM...CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] -> {HKLM...Wow...CLSID} = Adobe Drive CS4 \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [Adobe Systems Incorporated] HKLM\SOFTWARE\Classes\Directory\Background\shellex\DragDropHandlers\ SmartFTP Drop Handler\(Default) = {2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} -> {HKLM...CLSID} = ShellDragDropHandler Class \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] HKLM\SOFTWARE\Classes\Wow6432Node\Directory\Background\shellex\DragDropHandlers\ SmartFTP Drop Handler\(Default) = {2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} -> {HKLM...CLSID} = ShellDragDropHandler Class \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ Adobe.Acrobat.ContextMenu\(Default) = {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} -> {HKLM...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [Adobe Systems Inc.] -> {HKLM...Wow...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [Adobe Systems Inc.] LavasoftShellExt\(Default) = {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} -> {HKLM...CLSID} = Lavasoft Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [file not found] MagicISO\(Default) = {DB85C504-C730-49DD-BEC1-7B39C6103B7A} -> {HKLM...CLSID} = MShellExtMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\MagicISO\misosh64.dll [MagicISO, Inc.] RUShellExt\(Default) = {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} -> {HKLM...CLSID} = RUShellExt Class \InProcServer32\(Default) = F:\Revo Uninstaller Pro\RUExt.dll [VS Revo Group] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = NBShellHook Class \InProcServer32\(Default) = F:\Nero 10\Nero BackItUp\NBShell.dll [Nero AG] HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\ContextMenuHandlers\ Adobe.Acrobat.ContextMenu\(Default) = {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} -> {HKLM...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [Adobe Systems Inc.] -> {HKLM...Wow...CLSID} = Acrobat Elements Context Menu \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [Adobe Systems Inc.] LavasoftShellExt\(Default) = {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} -> {HKLM...CLSID} = Lavasoft Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll [file not found] MagicISO\(Default) = {DB85C504-C730-49DD-BEC1-7B39C6103B7A} -> {HKLM...CLSID} = MShellExtMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\MagicISO\misosh64.dll [MagicISO, Inc.] RUShellExt\(Default) = {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} -> {HKLM...CLSID} = RUShellExt Class \InProcServer32\(Default) = F:\Revo Uninstaller Pro\RUExt.dll [VS Revo Group] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = NBShellHook Class \InProcServer32\(Default) = F:\Nero 10\Nero BackItUp\NBShell.dll [Nero AG] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ NBShellHook\(Default) = {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0} -> {HKLM...Wow...CLSID} = NBShellHook Class \InProcServer32\(Default) = F:\Nero 10\Nero BackItUp\NBShell.dll [Nero AG] SmartFTP Drop Handler\(Default) = {2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} -> {HKLM...CLSID} = ShellDragDropHandler Class \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\DragDropHandlers\ NBShellHook\(Default) = {A4FD8DDB-5800-4414-97F9-7457AC8EE4F0} -> {HKLM...Wow...CLSID} = NBShellHook Class \InProcServer32\(Default) = F:\Nero 10\Nero BackItUp\NBShell.dll [Nero AG] SmartFTP Drop Handler\(Default) = {2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} -> {HKLM...CLSID} = ShellDragDropHandler Class \InProcServer32\(Default) = F:\SmartFTP Client\sfShellTools.dll [SmartSoft Ltd.] WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files (x86)\WinZip\wzshls64.dll [WinZip Computing, S.L.] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoLowDiskSpaceChecks = (REG_DWORD) dword:0x00000000 {unrecognized setting} NoInstrumentation = (REG_SZ) 1 {unrecognized setting} HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting\ Disabled = (REG_DWORD) dword:0x00000001 {Computer Configuration|Administrative Templates|Windows Components|Windows Error Reporting| Disable Windows Error Reporting} DontShowUI = (REG_DWORD) dword:0x00000001 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ EnableLinkedConnections = (REG_DWORD) dword:0x00000001 {unrecognized setting} SoftwareSASGeneration = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ Wallpaper = C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\Windows\system32\logon.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ DropboxAutoplayProxy\ Provider = Dropbox InvokeProgID = Dropbox.AutoplayEventHandlerProxy InvokeVerb = import HKLM\SOFTWARE\Classes\Dropbox.AutoplayEventHandlerProxy\shell\import\DropTarget\CLSID = {F38F335B-BC2E-450E-8FC6-0E13E17FC8FE} -> {HKLM...CLSID} = Dropbox Autoplay Proxy COM Server \LocalServer32\(Default) = C:\Program Files (x86)\Dropbox\DropboxProxy.exe /autoplayproxy [Dropbox, Inc.] HPAutoplayPSE\ Provider = HP Photosmart Essential 2.5 InvokeProgID = HpqPSApl.Autoplay InvokeVerb = Play HKLM\SOFTWARE\Classes\HpqPSApl.Autoplay\shell\Play\DropTarget\CLSID = {A6873065-D632-4615-A3A9-C5F05EE109C1} -> {HKLM...CLSID} = (no title provided) \LocalServer32\(Default) = C:\Program Files (x86)\HP\Digital Imaging\bin\HpqPsApl.exe [Hewlett-Packard] iTunesBurnCDOnArrival\ Provider = iTunes InvokeProgID = iTunes.BurnCD InvokeVerb = burn HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.] iTunesImportSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ImportSongsOnCD InvokeVerb = import HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.] iTunesPlaySongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.PlaySongsOnCD InvokeVerb = play HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.] iTunesShowSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ShowSongsOnCD InvokeVerb = showsongs HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSRipCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.RipCD InvokeVerb = Rip HKLM\SOFTWARE\Classes\WMP.RipCD\shell\Rip\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /RipAudioCD "%L" [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] MSWMPBurnDataDVDArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnDVD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnDVD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:DVDWrite /Device:"%L" [MS] RPCDBurningOnArrival\ Provider = RealPlayer InvokeProgID = RealPlayer.CDBurn.6 InvokeVerb = open HKCU\Software\Classes\RealPlayer.CDBurn.6\shell\open\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /burn "%1" [RealNetworks, Inc.] RPDeviceOnArrival\ Provider = RealPlayer ProgID = RealPlayer.HWEventHandler HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CLSID\(Default) = {67E76F1D-BDE2-4052-913C-2752366192D2} -> {HKLM...CLSID} = RealNetworks Scheduler \LocalServer32\(Default) = "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -autoplay [RealNetworks, Inc.] RPDVDBurningOnArrival\ Provider = RealPlayer InvokeProgID = RealPlayer.DVDBurn.6 InvokeVerb = open HKCU\Software\Classes\RealPlayer.DVDBurn.6\shell\open\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /burndvd "%1" [RealNetworks, Inc.] RPPlayCDAudioOnArrival\ Provider = RealPlayer InvokeProgID = RealPlayer.AudioCD.6 InvokeVerb = play HKCU\Software\Classes\RealPlayer.AudioCD.6\shell\play\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /play %1 [RealNetworks, Inc.] RPPlayDVDMovieOnArrival\ Provider = RealPlayer InvokeProgID = RealPlayer.DVD.6 InvokeVerb = play HKCU\Software\Classes\RealPlayer.DVD.6\shell\play\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /dvd %1 [RealNetworks, Inc.] RPPlayMediaOnArrival\ Provider = RealPlayer InvokeProgID = RealPlayer.AutoPlay.6 InvokeVerb = open HKCU\Software\Classes\RealPlayer.AutoPlay.6\shell\open\command\(Default) = "C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe" /autoplay "%1" [RealNetworks, Inc.] WIA_{1831C16B-D58E-4A41-B98E-E0B44C7DFF86}\ Provider = Photoshop CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;F:\Adobe CS4 Master Collection\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{6F9E3C1B-CB58-4D3E-9C86-4F8008F979DE}\ Provider = Photoshop CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;F:\Adobe CS4 Master Collection\Adobe Photoshop CS4\Photoshop.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{AED7C879-C199-4529-ABAC-60A5461E4985}\ Provider = WinZip CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\PROGRA~2\WINZIP\WINZIP32.EXE /wia; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{D2AF619D-6F0B-460D-80C0-3219B7D1F91C}\ Provider = PaperPort CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\ScanSoft\PaperPort\PaprPort.exe /StillImage /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{F54B53AE-289D-4162-AF7B-BD90A82903F5}\ Provider = ControlCenter3 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{F7FD2C26-28F3-4F18-81DC-5AB44B1BFDFE}\ Provider = HP Photosmart Essential 2.5 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\HP\Digital Imaging\bin\HpqPsApl.exe; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] Startup items in "Zakelijk - Estate Pl" & "All Users" startup folders: ---------------------------------------------------------------------- C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++} Dropbox -> shortcut to: C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [Dropbox, Inc.] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++} BrytonBridge2 -> shortcut to: C:\Program Files (x86)\BrytonBridge2\BrytonBridge2.exe [null data] Logitech Desktop Messenger -> shortcut to: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -startup [Logitech Inc.] Logitech SetPoint -> shortcut to: C:\Program Files\Logitech\SetPoint\SetPoint.exe [Logitech, Inc.] Windows Sidebar Gadgets: {++} ------------------------ C:\Users\Zakelijk - Estate Pl\AppData\Local\Microsoft\Windows Sidebar\Settings.ini "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CCalendar.Gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CClock.Gadget" "C:%5CProgram%20Files%5CWindows%20Sidebar%5CGadgets%5CWeather.Gadget" Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks Ad-Aware Update (Daily 1) -> launches: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent [file not found] Ad-Aware Update (Daily 2) -> launches: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent [file not found] Ad-Aware Update (Daily 3) -> launches: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent [file not found] Ad-Aware Update (Daily 4) -> launches: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent [file not found] Ad-Aware Update (Weekly) -> launches: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent [file not found] Adobe Flash Player Updater -> launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated] avast! Emergency Update -> (HIDDEN!) launches: F:\AVAST Software\Avast\AvastEmUpdate.exe [file not found] CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS] DropboxUpdateTaskUserS-1-5-21-2883450986-3951649885-2188304626-1013Core -> launches: C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c [Dropbox, Inc.] DropboxUpdateTaskUserS-1-5-21-2883450986-3951649885-2188304626-1013UA -> launches: C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler [Dropbox, Inc.] GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] RealUpgradeLogonTaskS-1-5-21-2883450986-3951649885-2188304626-1013 -> launches: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck [RealNetworks, Inc.] RealUpgradeScheduledTaskS-1-5-21-2883450986-3951649885-2188304626-1013 -> launches: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck [RealNetworks, Inc.] RMSchedule -> launches: F:\PC Tools Registry Mechanic\RegMech.exe /SF [PC Tools] RMSmartUpdate -> launches: "F:\PC Tools Registry Mechanic\update.exe" /SILENT /PRODUCT=RM /VERSION=11.0.0.277 /PID=0 /SUBPRODUCT=NRM [PC Tools] Start Evernote Client -> launches: C:\Program Files (x86)\Evernote\Evernote\Evernote.exe [Evernote Corp., 305 Walnut Street, Redwood City, CA 94063] {00DCCEC0-71B7-4371-B861-C4BC14176DF8} -> launches: C:\Windows\system32\pcalua.exe -a F:\SWAT\setup.exe -d F:\SWAT [MS] {04BAFF9A-F913-41A6-8347-0F41D5DFDF24} -> launches: C:\Windows\system32\pcalua.exe -a F:\SIXTEE~1\EMERGE~1\MODINS~1.EXE -d "C:\Users\Frederic\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H9LQL2Q8" -c "C:\Users\Frederic\AppData\Local\Temp\wz5ba3\Belgium mod 1-0beta.e4mod" [MS] {10881387-E95C-476C-B6C9-BA6BC0732604} -> launches: C:\Program Files (x86)\Skype\Phone\Skype.exe [Skype Technologies S.A.] {57EB8022-DC49-4427-9FAB-291798AADEF9} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Frederic\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VU0L5FL3\PCMspot-Shirtspack-CT[1].exe" -d C:\Users\Frederic\Desktop [MS] {8CA16ADF-ADF5-46D3-95A7-3C36A27AD513} -> launches: C:\Windows\system32\pcalua.exe -a "F:\uTorrent\Utorrent downloads\Sage ACT! Premium 2011+Bonus Plugin\ACT Premium 2011 13.0.401.1 EdubZ\bin\demo32.exe" -d "F:\uTorrent\Utorrent downloads\Sage ACT! Premium 2011+Bonus Plugin\ACT Premium 2011 13.0.401.1 EdubZ\bin" [MS] {B8D75E1D-9CD0-46D1-9237-0948DED99BCA} -> launches: C:\Windows\system32\pcalua.exe -a "E:\hotel giant 2\rld-hog2\HG2Setup.exe" -d "E:\hotel giant 2\rld-hog2" [MS] {BD4EAF0F-D1B3-46D7-8580-5895D5AE63BB} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Frederic\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPTWPN80\178.24_geforce_winvista_32bit_english_whql[1].exe" -d C:\Users\Frederic [MS] {C81500B7-86B8-4572-9FC0-EB7388E27706} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Frederic\Desktop\Nieuwe map\SETUP.EXE" -d "C:\Users\Frederic\Desktop\Nieuwe map" [MS] {CCE2D58C-445B-4224-BAD7-FD693435B563} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Frederic\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPTWPN80\178.24_geforce_winvista_64bit_english_whql[1].exe" -d C:\Users\Frederic [MS] {D648D886-CC44-47AB-BD59-CD0ABE4A3EA6} -> launches: C:\Windows\system32\pcalua.exe -a F:\rld-hog2\setup.exe -d F:\rld-hog2 [MS] {D68642A7-C291-4DC1-A9F8-53D442F946D7} -> launches: C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{9527A496-5DF9-412A-ADC7-168BA5379CA6} [MS] C:\Windows\System32\Tasks\Apple AppleSoftwareUpdate -> launches: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.] C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware Microsoft Antimalware Scheduled Scan -> launches: C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask-Roam -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] OptinNotification -> launches: %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0 [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ManualDefrag -> launches: %windir%\system32\defrag.exe \\?\Volume{f61bc749-0ca6-11e2-9730-806e6f6e6963}\ [MS] ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -i -g [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Media Center ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS] mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) -gc [MS] OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS] OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery [MS] UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} -> {HKLM...CLSID} = HotStart User Agent \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS] TMM -> launches: {35EF4182-F900-4632-B072-8639E4478A61} -> {HKLM...CLSID} = Transient Multi-Monitor Manager \InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS] -> {HKLM...Wow...CLSID} = Transient Multi-Monitor Manager \InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection NAPStatus UI -> launches: {f09878a1-4652-4292-aa63-8c7d4fd7648f} -> {HKLM...CLSID} = Nap ITask Handler Implementation \InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS] -> {HKLM...Wow...CLSID} = Nap ITask Handler Implementation \InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RACAgent -> (HIDDEN!) launches: %windir%\system32\RacAgent.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Shell CrawlStartPages -> launches: {51653423-e62d-4ff7-894a-dabb2b8e21e2} -> {HKLM...CLSID} = CrawlStartPages Task Handler \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS] -> {HKLM...Wow...CLSID} = CrawlStartPages Task Handler \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} -> {HKLM...CLSID} = GadgetsManager Class \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip IpAddressConflict1 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS] IpAddressConflict2 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS] WSHReset -> (HIDDEN!) launches: %systemroot%\system32\netsh.exe interface tcp set heuristic wsh=default [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsCalendar Reminders - Frederic -> launches: C:\Program Files\Windows Calendar\wincal.exe /reminder [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wired GatherWiredInfo -> launches: %windir%\system32\gatherWiredInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\Wireless GatherWirelessInfo -> launches: %windir%\system32\gatherWirelessInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1} -> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-2883450986-3951649885-2188304626-1013 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = C:\Program Files (x86)\Bonjour\mdnsNSP.dll [Apple Inc.] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ {2318C2B1-4965-11D4-9B18-009027A5CD4F} -> {HKLM...CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided) -> {HKLM...CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [Google Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\ {47833539-D0C5-4125-9FA8-0819E2EAAC93} = (no title provided) -> {HKLM...Wow...CLSID} = Adobe PDF \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [Adobe Systems Incorporated] {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} = (no title provided) -> {HKLM...Wow...CLSID} = Contribute Toolbar \InProcServer32\(Default) = F:\Adobe CS4 Master Collection\/Adobe Contribute CS4/contributeieplugin.dll [Adobe Systems Incorporated.] {2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided) -> {HKLM...Wow...CLSID} = Google Toolbar \InProcServer32\(Default) = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.] Explorer Bars HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Explorer Bars\ {555D4D79-4BD2-4094-A395-CFC534424A05}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = HP Smart Web Printing \InProcServer32\(Default) = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll [Hewlett-Packard Co.] HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [MS] HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Send to OneNote MenuText = Se&nd to OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = &Gekoppelde notities van OneNote MenuText = &Gekoppelde notities van OneNote CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll [MS] {A95FE080-8F5D-11D2-A20B-00AA003C157A}\ ButtonText = @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 MenuText = @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 Script = AddNote.html [file not found] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Verzenden naar OneNote MenuText = &Verzenden naar OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...Wow...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll [MS] {6F431AC3-364A-478B-BBDB-89C7CE1B18F6}\ ButtonText = Attach Web page to ACT! contact MenuText = Attach Web page to ACT! contact... CLSIDExtension = {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} -> {HKLM...Wow...CLSID} = Act.UI.InternetExplorer.Plugins.AttachFile.CommandDispatch \InProcServer32\(Default) = mscoree.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = &Gekoppelde notities van OneNote MenuText = &Gekoppelde notities van OneNote CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...Wow...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll [MS] {A95FE080-8F5D-11D2-A20B-00AA003C157A}\ ButtonText = @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 MenuText = @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 Script = C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html [null data] {DDE87865-83C5-48C4-8357-2F5B1AA84522}\ ButtonText = Toon of verberg HP Smart Web Printing CLSIDExtension = {DDE87865-83C5-48c4-8357-2F5B1AA84522} -> {HKLM...Wow...CLSID} = ClipBookBtn Class \InProcServer32\(Default) = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [Hewlett-Packard Co.] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Apple Mobile Device Service, Apple Mobile Device Service, "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.] BBUpdate, BBUpdate, C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [Microsoft Corporation.] Bing Desktop Update service, BingDesktopUpdate, "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe" [MS] Bonjour-service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.] Bryton Bridge Service, BBService, C:\Program Files (x86)\BrytonBridge2\BBService.exe [null data] FLEXnet Licensing Service, FLEXnet Licensing Service, "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [Acresso Software Inc.] FontCache, FontCache, (null value) [file not found] HASP License Manager, hasplms, C:\Windows\system32\hasplms.exe -run [Aladdin Knowledge Systems Ltd.] HP CUE DeviceDiscovery-service, hpqddsvc, C:\Windows\system32\svchost.exe -k hpdevmgmt {C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [Hewlett-Packard Co.]} hpqcxs08, hpqcxs08, C:\Windows\system32\svchost.exe -k hpdevmgmt {C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [Hewlett-Packard Co.]} iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.] lxbu_device, lxbu_device, C:\Windows\system32\lxbucoms.exe -service [ ] Microsoft Antimalware Service, MsMpSvc, "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [MS] MSCamSvc, MSCamSvc, "C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe" [MS] Nero Update, NAUpdate, "C:\Program Files (x86)\Nero\Update\NASvc.exe" [Nero AG] Net Driver HPZ12, Net Driver HPZ12, C:\Windows\System32\svchost.exe -k HPZ12 {C:\Windows\system32\HPZinw12.dll [Hewlett-Packard]} NMSAccessU, NMSAccessU, F:\CDBurnerXP\NMSAccessU.exe [null data] NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation] NVIDIA Update Service Daemon, nvUpdatusService, "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [NVIDIA Corporation] Office Software Protection Platform, osppsvc, "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [MS] PC Tools Startup and Shutdown Monitor service, PCToolsSSDMonitorSvc, C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [PC Tools] Pml Driver HPZ12, Pml Driver HPZ12, C:\Windows\System32\svchost.exe -k HPZ12 {C:\Windows\system32\HPZipm12.dll [Hewlett-Packard]} Polar Daemon, Polar Daemon, "C:\Program Files (x86)\Polar\Daemon\polard.exe" [null data] Protexis Licensing V2, PSI_SVC_2, "C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [Protexis Inc.] SQL Server (ACT7), MSSQL$ACT7, "F:\Program Files\MSSQL10_50.ACT7\MSSQL\Binn\sqlservr.exe" -sACT7 [MS] SQL Server Browser, SQLBrowser, "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [MS] SQL Server VSS Writer, SQLWriter, "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [MS] Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS] Windows Presentation Foundation Font Cache 4.0.0.0, WPFFontCache_v0400, C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> MsMpSvc, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> MsMpSvc, Service Accessibility Tools: -------------------- HKCU\Software\Microsoft\Windows NT\CurrentVersion\AccessibilityTemp\ narrator = dword:0x00000000 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\ATs\Narrator\ Description = Screen Reader StartExe = C:\Windows\System32\Narrator.exe [MS] Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ 6200 Series Port\Driver = lxbulmpm.dll [ ] Adobe PDF Port Monitor\Driver = AdobePDF.dll [Adobe Systems Inc] PCL hpz3l5mu\Driver = hpz3l5mu.dll [Hewlett-Packard Company] pdfcmon\Driver = pdfcmon.dll [pdfforge GbR] ==== Sysinternals Autoruns Log ====================== HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute autocheck autochk * autocheck autochk * Auto Check Utility (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\autochk.exe 11/04/2009 6:58 VT detection: Provider DLL failed to initialize correctly. C:\Users\Zakelijk - Estate Pl\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Calendar C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget Browse the days of the calendar. (Not verified) Microsoft Corporation C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml 2/10/2012 17:17 VT detection: Provider DLL failed to initialize correctly. Clock C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget Watch the clock in your own time zone or any city in the world. (Not verified) Microsoft Corporation C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml 2/10/2012 17:17 VT detection: Provider DLL failed to initialize correctly. Weather C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget See what the weather looks like around the world. (Not verified) Microsoft Corporation C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml 2/10/2012 17:17 VT detection: Provider DLL failed to initialize correctly. HKLM\Software\Microsoft\Office\Outlook\Addins [DISABLED] Groove OutlookProxyAddIn HKCR\CLSID\{E886F1D9-7842-485D-8EDF-9E1C7062A483} Microsoft SharePoint Workspace Extensions (Not verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: Provider DLL failed to initialize correctly. Connect Class HKCR\CLSID\{12E6A993-AE52-4F99-8B89-41F985E6C952} OutlookChangeNotifier (Not verified) Apple Inc. 17.32.0.101 c:\program files\common files\apple\mobile device support\outlookchangenotifieraddin.dll 8/01/2015 20:07 VT detection: Provider DLL failed to initialize correctly. Windows_Search_OutlookToolbar HKCR\CLSID\{F37AFD4F-E736-4980-8650-A486B1F2DF25} Outlook MSSearch Connector (Not verified) Microsoft Corporation 7.0.6002.18005 c:\windows\system32\mssphtb.dll 11/04/2009 9:06 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default) C:\Program Files (x86)\Internet Explorer\iexplore.exe Internet Explorer (Not verified) Microsoft Corporation 9.0.8112.16659 c:\program files (x86)\internet explorer\iexplore.exe 31/05/2015 1:48 VT detection: Provider DLL failed to initialize correctly. HKLM\System\CurrentControlSet\Services Adobe Version Cue CS4 "C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" -win32service Adobe Version Cue CS4 (Not verified) Adobe Systems Incorporated 4.0.1.0 c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe 20/10/2008 20:12 VT detection: Provider DLL failed to initialize correctly. AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Deze service zorgt ervoor dat uw installatie van Adobe Flash Player up-to-date blijft met de nieuwste correcties en beveiligingsverbeteringen. (Not verified) Adobe Systems Incorporated 18.0.0.209 c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe 12/07/2015 6:43 VT detection: Provider DLL failed to initialize correctly. AeLookupSvc %SystemRoot%\System32\aelupsvc.dll Processes application compatibility cache requests for applications as they are launched (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\aelupsvc.dll 2/11/2006 13:11 VT detection: Provider DLL failed to initialize correctly. ALG %SystemRoot%\System32\alg.exe Provides support for 3rd party protocol plug-ins for Internet Connection Sharing (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\alg.exe 19/01/2008 8:35 VT detection: Provider DLL failed to initialize correctly. Appinfo %SystemRoot%\System32\appinfo.dll Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks. (Not verified) Microsoft Corporation 6.0.6002.19116 c:\windows\system32\appinfo.dll 2/06/2014 23:29 VT detection: Provider DLL failed to initialize correctly. Apple Mobile Device Service "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" Provides the interface to Apple mobile devices. (Not verified) Apple Inc. 17.344.6.6 c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe 19/12/2014 14:38 VT detection: Provider DLL failed to initialize correctly. aspnet_state %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 4.0.30319.18408 c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe 12/09/2013 2:30 VT detection: Provider DLL failed to initialize correctly. AudioEndpointBuilder %SystemRoot%\System32\Audiosrv.dll Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start (Not verified) Microsoft Corporation 6.0.6002.19201 c:\windows\system32\audiosrv.dll 3/10/2014 3:02 VT detection: Provider DLL failed to initialize correctly. AudioSrv %SystemRoot%\System32\Audiosrv.dll Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start (Not Verified) Microsoft Corporation 6.0.6002.19201 c:\windows\system32\audiosrv.dll 3/10/2014 3:02 VT detection: Provider DLL failed to initialize correctly. BBService C:\Program Files (x86)\BrytonBridge2\BBService.exe Bryton Bridge service ,http://www.brytonbridge.com c:\program files (x86)\brytonbridge2\bbservice.exe 29/01/2013 5:20 VT detection: Provider DLL failed to initialize correctly. BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar. (Not verified) Microsoft Corporation. 7.1.362.0 c:\program files (x86)\microsoft\bingbar\7.1.362.0\bbsvc.exe 14/02/2012 7:14 VT detection: Provider DLL failed to initialize correctly. BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar. (Not verified) Microsoft Corporation. 7.1.362.0 c:\program files (x86)\microsoft\bingbar\7.1.362.0\seaport.exe 14/02/2012 7:14 VT detection: Provider DLL failed to initialize correctly. BingDesktopUpdate "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe" Bing Desktop Update Service (Not verified) Microsoft Corp. 1.3.470.0 c:\program files (x86)\microsoft\bingdesktop\bingdesktopupdater.exe 3/06/2014 7:37 VT detection: Provider DLL failed to initialize correctly. BITS %SystemRoot%\System32\qmgr.dll @%SystemRoot%\system32\qmgr.dll,-1001 (Not verified) Microsoft Corporation 7.0.6002.18005 c:\windows\system32\qmgr.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. Bonjour Service "C:\Program Files\Bonjour\mDNSResponder.exe" Zorgt ervoor dat apparatuur en softwareservices automatisch worden geconfigureerd in het netwerk en hun aanwezigheid bekendmaken. (Not verified) Apple Inc. 3.0.0.10 c:\program files\bonjour\mdnsresponder.exe 31/08/2011 7:52 VT detection: Provider DLL failed to initialize correctly. Browser %SystemRoot%\System32\browser.dll Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\browser.dll 19/01/2008 9:54 VT detection: Provider DLL failed to initialize correctly. CertPropSvc %SystemRoot%\System32\certprop.dll Propagates certificates from smart cards. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\certprop.dll 11/04/2009 9:04 VT detection: Provider DLL failed to initialize correctly. clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe Microsoft .NET Framework NGEN (Not verified) Microsoft Corporation 4.0.30319.18408 c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe 12/09/2013 2:23 VT detection: Provider DLL failed to initialize correctly. clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe Microsoft .NET Framework NGEN (Not verified) Microsoft Corporation 4.0.30319.18408 c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe 12/09/2013 2:04 VT detection: Provider DLL failed to initialize correctly. COMSysApp %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\dllhost.exe 2/11/2006 11:35 VT detection: Provider DLL failed to initialize correctly. CryptSvc %SystemRoot%\system32\cryptsvc.dll Provides four management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18881 c:\windows\system32\cryptsvc.dll 8/07/2013 6:17 VT detection: Provider DLL failed to initialize correctly. DcomLaunch %SystemRoot%\system32\rpcss.dll Provides launch functionality for DCOM services. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\rpcss.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. DFSR %SystemRoot%\system32\DFSR.exe Enables you to synchronize folders on multiple servers across local or wide area network (WAN) network connections. This service uses the Remote Differential Compression (RDC) protocol to update only the portions of files that have changed since the last replication. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\dfsr.exe 11/04/2009 6:57 VT detection: Provider DLL failed to initialize correctly. Dhcp %SystemRoot%\system32\dhcpcsvc.dll Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\dhcpcsvc.dll 11/04/2009 9:04 VT detection: Provider DLL failed to initialize correctly. Dnscache %SystemRoot%\System32\dnsrslvr.dll The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18416 c:\windows\system32\dnsrslvr.dll 2/03/2011 18:12 VT detection: Provider DLL failed to initialize correctly. dot3svc %SystemRoot%\System32\dot3svc.dll This service performs IEEE 802.1X authentication on Ethernet interfaces (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\dot3svc.dll 11/04/2009 9:05 VT detection: Provider DLL failed to initialize correctly. DPS %SystemRoot%\system32\dps.dll The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\dps.dll 19/01/2008 9:55 VT detection: Provider DLL failed to initialize correctly. EapHost %SystemRoot%\System32\eapsvc.dll The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\eapsvc.dll 19/01/2008 9:54 VT detection: Provider DLL failed to initialize correctly. ehRecvr %systemroot%\ehome\ehRecvr.exe Windows Media Center Service for TV and FM broadcast reception (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\ehome\ehrecvr.exe 19/01/2008 8:51 VT detection: Provider DLL failed to initialize correctly. ehSched %systemroot%\ehome\ehsched.exe Starts and stops recording of TV programs within Windows Media Center (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\ehome\ehsched.exe 19/01/2008 8:51 VT detection: Provider DLL failed to initialize correctly. ehstart %SystemRoot%\ehome\ehstart.dll Starts Windows Media Center Scheduler and Windows Media Center Receiver services at startup if TV is enabled within Windows Media Center. (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\ehome\ehstart.dll 2/11/2006 13:12 VT detection: Provider DLL failed to initialize correctly. EMDMgmt %systemroot%\system32\emdmgmt.dll Provides support for improving system performance using ReadyBoost. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\emdmgmt.dll 11/04/2009 9:05 VT detection: Provider DLL failed to initialize correctly. Eventlog %SystemRoot%\System32\wevtsvc.dll This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\wevtsvc.dll 11/04/2009 9:09 VT detection: Provider DLL failed to initialize correctly. EventSystem %systemroot%\system32\es.dll Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 2001.12.6932.18005 c:\windows\system32\es.dll 11/04/2009 9:07 VT detection: Provider DLL failed to initialize correctly. Fabs C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe /DisableUI Watches filechanges, does automatic backups and configuration stuff. (Not verified) MAGIX AG 2.1.27.0 c:\program files (x86)\common files\magix services\database\bin\fabs.exe 27/08/2009 17:09 VT detection: Provider DLL failed to initialize correctly. fdPHost %SystemRoot%\system32\fdPHost.dll Host process for Function Discovery providers. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\fdphost.dll 19/01/2008 9:55 VT detection: Provider DLL failed to initialize correctly. FDResPub %SystemRoot%\system32\fdrespub.dll Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network. (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\fdrespub.dll 2/11/2006 13:11 VT detection: Provider DLL failed to initialize correctly. FirebirdServerMAGIXInstance "C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe" Special build to run beside other versions of firebird (Not verified) MAGIXr 2.1.1.0 c:\program files (x86)\common files\magix services\database\bin\fbserver.exe 7/08/2008 11:10 VT detection: Provider DLL failed to initialize correctly. FLEXnet Licensing Service "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" This service performs licensing functions on behalf of FLEXnet enabled products. (Not verified) Acresso Software Inc. 11.6.0.1 c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe 6/05/2008 17:26 VT detection: Provider DLL failed to initialize correctly. FLEXnet Licensing Service 64 "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" This service performs licensing functions on behalf of FLEXnet enabled products. (Not verified) Acresso Software Inc. 11.6.0.1 c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe 6/05/2008 17:17 VT detection: Provider DLL failed to initialize correctly. FontCache %SystemRoot%\system32\FntCache.dll @%systemroot%\system32\FntCache.dll,-101 (Not verified) Microsoft Corporation 7.0.6002.23680 c:\windows\system32\fntcache.dll 18/04/2015 1:33 VT detection: Provider DLL failed to initialize correctly. Futuremark SystemInfo Service "C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe" Futuremark SystemInfo Service (Not verified) Futuremark Corporation 4.11.0.0 c:\program files (x86)\futuremark\futuremark systeminfo\fmsisvc.exe 10/08/2012 11:42 VT detection: Provider DLL failed to initialize correctly. gpsvc %SystemRoot%\System32\gpsvc.dll The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\gpsvc.dll 11/04/2009 9:04 VT detection: Provider DLL failed to initialize correctly. gupdate "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt. (Not verified) Google Inc. 1.3.25.5 c:\program files (x86)\google\update\googleupdate.exe 30/09/2014 3:19 VT detection: Provider DLL failed to initialize correctly. gupdatem "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt. (Not Verified) Google Inc. 1.3.25.5 c:\program files (x86)\google\update\googleupdate.exe 30/09/2014 3:19 VT detection: Provider DLL failed to initialize correctly. gusvc "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" Google Updater houdt uw Google-software bij. Als Google Updater is uitgeschakeld of wordt stopgezet, wordt uw Google-software niet bijgewerkt naar de nieuwste versies, waardoor beveiligingsrisico's ontstaan die mogelijk niet opgelost kunnen worden, en bepaalde functies kunnen het laten afweten. (Not verified) Google 2.4.2617.4952 c:\program files (x86)\google\common\google updater\googleupdaterservice.exe 2/03/2012 23:13 VT detection: Provider DLL failed to initialize correctly. hasplms C:\Windows\system32\hasplms.exe -run Manages licenses secured by Aladdin HASP. (Not verified) Aladdin Knowledge Systems Ltd. 12.10.1.2088 c:\windows\system32\hasplms.exe 11/03/2007 13:38 VT detection: Provider DLL failed to initialize correctly. hidserv %SystemRoot%\system32\hidserv.dll Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\hidserv.dll 11/04/2009 9:05 VT detection: Provider DLL failed to initialize correctly. hkmsvc %SystemRoot%\system32\kmsvc.dll Provides X.509 certificate and key management services for the Network Access Protection Agent (NAPAgent). Enforcement technologies that use X.509 certificates may not function properly without this service (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\kmsvc.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll HP CUE Context Manager Objects (Not verified) Hewlett-Packard Co. 130.0.80.0 c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll 22/05/2009 3:21 VT detection: Provider DLL failed to initialize correctly. hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll Met deze service worden CUE-apparaten op het systeem opgespoord en gevolgd. (Not verified) Hewlett-Packard Co. 100.0.190.0 c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll 7/11/2007 6:20 VT detection: Provider DLL failed to initialize correctly. IDriverT "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" Provides support for the Running Object Table for InstallShield Drivers (Not verified) Macrovision Corporation 11.0.0.28844 c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe 4/04/2005 7:41 VT detection: Provider DLL failed to initialize correctly. idsvc "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" Securely enables the creation, management, and disclosure of digital identities. (Not verified) Microsoft Corporation 3.0.4506.4223 c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe 26/06/2014 8:26 VT detection: Provider DLL failed to initialize correctly. IKEEXT %SystemRoot%\System32\ikeext.dll The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running. (Not verified) Microsoft Corporation 6.0.6002.18960 c:\windows\system32\ikeext.dll 11/10/2013 6:24 VT detection: Provider DLL failed to initialize correctly. IPBusEnum %SystemRoot%\system32\ipbusenum.dll The PnP-X bus enumerator service manages the virtual network bus. It discovers network connected devices using the SSDP/WS discovery protocols and gives them presence in PnP. If this service is stopped or disabled, presence of NCD devices will not be maintained in PnP. All pnpx based scenarios will stop functioning. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\ipbusenum.dll 19/01/2008 9:57 VT detection: Provider DLL failed to initialize correctly. iPod Service "C:\Program Files\iPod\bin\iPodService.exe" Services voor iPod-hardwarebeheer (Not verified) Apple Inc. 12.1.2.27 c:\program files\ipod\bin\ipodservice.exe 7/04/2015 7:04 VT detection: Provider DLL failed to initialize correctly. KeyIso %SystemRoot%\system32\lsass.exe The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements. (Not verified) Microsoft Corporation 6.0.6002.18541 c:\windows\system32\lsass.exe 16/11/2011 16:34 VT detection: Provider DLL failed to initialize correctly. KtmRm %systemroot%\system32\msdtckrm.dll Coordinates transactions between MSDTC and the Kernel Transaction Manager (KTM). (Not verified) Microsoft Corporation 2001.12.6931.18000 c:\windows\system32\msdtckrm.dll 19/01/2008 9:57 VT detection: Provider DLL failed to initialize correctly. LanmanServer %SystemRoot%\system32\srvsvc.dll Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18306 c:\windows\system32\srvsvc.dll 6/09/2010 20:30 VT detection: Provider DLL failed to initialize correctly. LanmanWorkstation %SystemRoot%\System32\wkssvc.dll Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18049 c:\windows\system32\wkssvc.dll 10/06/2009 13:54 VT detection: Provider DLL failed to initialize correctly. LBTServ C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe Logitech Bluetooth Service (Not verified) Logitech, Inc. 4.60.122.0 c:\program files\common files\logitech\bluetooth\lbtserv.exe 2/05/2008 11:15 VT detection: Provider DLL failed to initialize correctly. lltdsvc %SystemRoot%\System32\lltdsvc.dll Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\lltdsvc.dll 19/01/2008 9:56 VT detection: Provider DLL failed to initialize correctly. lmhosts %SystemRoot%\System32\lmhsvc.dll Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\lmhsvc.dll 19/01/2008 9:56 VT detection: Provider DLL failed to initialize correctly. lxbu_device C:\Windows\system32\lxbucoms.exe -service Printer Communication System (Not verified) 6.4.29.0 c:\windows\system32\lxbucoms.exe 4/04/2007 18:08 VT detection: Provider DLL failed to initialize correctly. Microsoft SharePoint Workspace Audit Service "C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice Microsoft SharePoint Workspace (Not verified) Microsoft Corporation 14.0.4734.1000 c:\program files (x86)\microsoft office\office14\groove.exe 22/01/2010 3:44 VT detection: Provider DLL failed to initialize correctly. MMCSS %SystemRoot%\system32\mmcss.dll Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped, individual tasks resort to their default priority. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\mmcss.dll 19/01/2008 9:56 VT detection: Provider DLL failed to initialize correctly. MozillaMaintenance "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled. (Not verified) Mozilla Foundation 37.0.1.5570 c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe 3/04/2015 6:20 VT detection: Provider DLL failed to initialize correctly. MSCamSvc "C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe" MsCamSvc.exe (Not verified) Microsoft Corporation 1.40.164.0 c:\program files (x86)\microsoft lifecam\mscams64.exe 11/05/2007 3:43 VT detection: Provider DLL failed to initialize correctly. MSDTC %SystemRoot%\System32\msdtc.exe Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 2001.12.6931.18000 c:\windows\system32\msdtc.exe 19/01/2008 8:27 VT detection: Provider DLL failed to initialize correctly. MSiSCSI %systemroot%\system32\iscsiexe.dll Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\iscsiexe.dll 19/01/2008 9:57 VT detection: Provider DLL failed to initialize correctly. msiserver %systemroot%\system32\msiexec /V Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 4.5.6002.18005 c:\windows\system32\msiexec.exe 11/04/2009 7:15 VT detection: Provider DLL failed to initialize correctly. MsMpSvc "C:\Program Files\Microsoft Security Client\MsMpEng.exe" Helps protect users from malware and other potentially unwanted software (Not verified) Microsoft Corporation 4.8.204.0 c:\program files\microsoft security client\msmpeng.exe 30/04/2015 10:42 VT detection: Provider DLL failed to initialize correctly. MSSQL$ACT7 "F:\Program Files\MSSQL10_50.ACT7\MSSQL\Binn\sqlservr.exe" -sACT7 Provides storage, processing and controlled access of data, and rapid transaction processing. (Not verified) Microsoft Corporation 2009.100.2500.0 f:\program files\mssql10_50.act7\mssql\binn\sqlservr.exe 17/06/2011 16:18 VT detection: Provider DLL failed to initialize correctly. MSSQLServerADHelper100 "C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE" Enables integration with Active Directories (Not verified) Microsoft Corporation 2009.100.1600.1 c:\program files\microsoft sql server\100\shared\sqladhlp.exe 3/04/2010 1:11 VT detection: Provider DLL failed to initialize correctly. napagent %SystemRoot%\system32\qagentRT.dll Enables Network Access Protection (NAP) functionality on client computers (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\qagentrt.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. NAUpdate "C:\Program Files (x86)\Nero\Update\NASvc.exe" Provides access to Nero application updates and manages Nero applications. (Not verified) Nero AG 1.0.17.0 c:\program files (x86)\nero\update\nasvc.exe 25/03/2010 15:38 VT detection: Provider DLL failed to initialize correctly. Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll Dot4Net Module (Not verified) Hewlett-Packard 12.2.6.51 c:\windows\system32\hpzinw12.dll 6/08/2010 7:45 VT detection: Provider DLL failed to initialize correctly. Netman %SystemRoot%\System32\netman.dll Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\netman.dll 19/01/2008 9:57 VT detection: Provider DLL failed to initialize correctly. netprofm %SystemRoot%\System32\netprofm.dll Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\netprofm.dll 19/01/2008 9:57 VT detection: Provider DLL failed to initialize correctly. NisSrv "C:\Program Files\Microsoft Security Client\NisSrv.exe" Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols (Not verified) Microsoft Corporation 4.8.204.0 c:\program files\microsoft security client\nissrv.exe 30/04/2015 10:42 VT detection: Provider DLL failed to initialize correctly. NlaSvc %SystemRoot%\System32\nlasvc.dll Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.19250 c:\windows\system32\nlasvc.dll 6/12/2014 4:55 VT detection: Provider DLL failed to initialize correctly. NMSAccessU F:\CDBurnerXP\NMSAccessU.exe f:\cdburnerxp\nmsaccessu.exe 25/01/2007 11:52 VT detection: Provider DLL failed to initialize correctly. nosGetPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll getPlus(R) Helper (Not verified) NOS Microsystems Ltd. 3.0.0.4 c:\program files (x86)\nos\bin\getplus_helper_3004.dll 4/01/2011 13:17 VT detection: Provider DLL failed to initialize correctly. nsi %systemroot%\system32\nsisvc.dll This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\nsisvc.dll 19/01/2008 9:59 VT detection: Provider DLL failed to initialize correctly. nvsvc "C:\Windows\system32\nvvsvc.exe" Provides system and desktop level support to the NVIDIA display driver (Not verified) NVIDIA Corporation 8.17.13.2049 c:\windows\system32\nvvsvc.exe 21/06/2013 11:22 VT detection: Provider DLL failed to initialize correctly. nvUpdatusService "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server. (Not verified) NVIDIA Corporation 7.2.17.0 c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe 27/07/2013 10:26 VT detection: Provider DLL failed to initialize correctly. ose "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" Hiermee worden de installatiebestanden opgeslagen die worden gebruikt voor het bijwerken en herstellen. Dit is vereist voor het downloaden van updates van Setup en van Watson-foutrapporten. (Not verified) Microsoft Corporation 14.0.4730.1010 c:\program files (x86)\common files\microsoft shared\source engine\ose.exe 10/01/2010 6:16 VT detection: Provider DLL failed to initialize correctly. osppsvc "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" Office Software Protection Platform Service (unlocalized description) (Not verified) Microsoft Corporation 14.0.370.400 c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe 12/08/2009 4:00 VT detection: Provider DLL failed to initialize correctly. p2pimsvc %SystemRoot%\system32\p2psvc.dll Provides Identity service for Peer Networking (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\p2psvc.dll 11/04/2009 9:07 VT detection: Provider DLL failed to initialize correctly. p2psvc %SystemRoot%\system32\p2psvc.dll Provides Peer Networking Grouping services (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\p2psvc.dll 11/04/2009 9:07 VT detection: Provider DLL failed to initialize correctly. PcaSvc %SystemRoot%\System32\pcasvc.dll Provides support for the Program Compatibility Assistant. If this service is stopped, the Program Compatibility Assistant will not function properly. If this service is disabled, any services that depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\pcasvc.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe PC Tools Startup and Shutdown Monitor service (Not verified) PC Tools 11.0.0.277 c:\program files (x86)\common files\pc tools\smonitor\startmansvc.exe 25/10/2011 4:36 VT detection: Provider DLL failed to initialize correctly. PerfHost %SystemRoot%\SysWow64\perfhost.exe Enables remote users and 64-bit processes to query performance counters provided by 32-bit DLLs. If this service is stopped, only local users and 32-bit processes will be able to query performance counters provided by 32-bit DLLs. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\syswow64\perfhost.exe 19/01/2008 7:32 VT detection: Provider DLL failed to initialize correctly. pla %systemroot%\system32\pla.dll Performance Logs and Alerts Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\pla.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. PlugPlay %SystemRoot%\system32\umpnpmgr.dll Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\umpnpmgr.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll PmlDrv Module (Not verified) Hewlett-Packard 12.2.6.51 c:\windows\system32\hpzipm12.dll 6/08/2010 7:45 VT detection: Provider DLL failed to initialize correctly. PNRPAutoReg %SystemRoot%\system32\p2psvc.dll This service publishes a machine name using the Peer Name Resolution Protocol. Configuration is managed via the netsh context 'p2p pnrp peer' (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\p2psvc.dll 11/04/2009 9:07 VT detection: Provider DLL failed to initialize correctly. PNRPsvc %SystemRoot%\system32\p2psvc.dll Enables Serverless Peer Name Resolution over the Internet. If disabled, some Peer to Peer and Collaborative applications, such as Windows Meetings, may not function (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\p2psvc.dll 11/04/2009 9:07 VT detection: Provider DLL failed to initialize correctly. Polar Daemon "C:\Program Files (x86)\Polar\Daemon\polard.exe" c:\program files (x86)\polar\daemon\polard.exe 15/06/2009 12:14 VT detection: Provider DLL failed to initialize correctly. PolicyAgent %SystemRoot%\System32\ipsecsvc.dll Internet Protocol security (IPsec) supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection. This service enforces IPsec policies created through the IP Security Policies snap-in or the command-line tool "netsh ipsec". If you stop this service, you may experience network connectivity issues if your policy requires that connections use IPsec. Also,remote management of Windows Firewall is not available when this service is stopped. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\ipsecsvc.dll 11/04/2009 9:07 VT detection: Provider DLL failed to initialize correctly. ProfSvc %systemroot%\system32\profsvc.dll This service is responsible for loading and unloading user profiles. If this service is stopped or disabled, users will no longer be able to successfully logon or logoff, applications may have problems getting to users' data, and components registered to receive profile event notifications will not receive them. (Not verified) Microsoft Corporation 6.0.6002.19250 c:\windows\system32\profsvc.dll 6/12/2014 4:54 VT detection: Provider DLL failed to initialize correctly. ProtectedStorage %SystemRoot%\system32\lsass.exe Provides protected storage for sensitive data, such as passwords, to prevent access by unauthorized services, processes, or users. (Not Verified) Microsoft Corporation 6.0.6002.18541 c:\windows\system32\lsass.exe 16/11/2011 16:34 VT detection: Provider DLL failed to initialize correctly. PSI_SVC_2 "C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" This service provides Protexis licensing functionalty. (Not verified) Protexis Inc. 2.0.1.155 c:\program files (x86)\common files\protexis\license service\psiservice_2.exe 8/02/2008 17:41 VT detection: Provider DLL failed to initialize correctly. QWAVE %windir%\system32\qwave.dll Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\qwave.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. RasAuto %SystemRoot%\System32\rasauto.dll Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\rasauto.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. RasMan %SystemRoot%\System32\rasmans.dll Manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\rasmans.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. RpcLocator %SystemRoot%\system32\locator.exe Manages the RPC name service database. (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\locator.exe 2/11/2006 11:35 VT detection: Provider DLL failed to initialize correctly. RpcSs %SystemRoot%\system32\rpcss.dll Serves as the endpoint mapper and COM Service Control Manager. If this service is stopped or disabled, programs using COM or Remote Procedure Call (RPC) services will not function properly. (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\rpcss.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. Sage ACT! Scheduler "F:\ACT\Act.Scheduler.exe" Sage ACT! Scheduler service for scheduling ACT! tasks. (Not verified) Sage Software, Inc. 13.1.111.0 f:\act\act.scheduler.exe 21/12/2010 23:38 VT detection: Provider DLL failed to initialize correctly. SamSs %SystemRoot%\system32\lsass.exe The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready, which may in turn cause those services to fail to start correctly. This service should not be disabled. (Not Verified) Microsoft Corporation 6.0.6002.18541 c:\windows\system32\lsass.exe 16/11/2011 16:34 VT detection: Provider DLL failed to initialize correctly. SCardSvr %SystemRoot%\System32\SCardSvr.dll Manages access to smart cards read by this computer. If this service is stopped, this computer will be unable to read smart cards. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\scardsvr.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. Schedule %systemroot%\system32\schedsvc.dll Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18342 c:\windows\system32\schedsvc.dll 6/11/2010 13:18 VT detection: Provider DLL failed to initialize correctly. SCPolicySvc %SystemRoot%\System32\certprop.dll Allows the system to be configured to lock the user desktop upon smart card removal. (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\certprop.dll 11/04/2009 9:04 VT detection: Provider DLL failed to initialize correctly. SDRSVC %Systemroot%\System32\SDRSVC.dll Provides Windows Backup and Restore capabilities. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\sdrsvc.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. seclogon %windir%\system32\seclogon.dll Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\seclogon.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. SENS %SystemRoot%\System32\sens.dll Monitors system events and notifies subscribers to COM+ Event System of these events. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\sens.dll 19/01/2008 9:59 VT detection: Provider DLL failed to initialize correctly. SessionEnv %SystemRoot%\system32\sessenv.dll Terminal Services Configuration service (TSCS) is responsible for all Terminal Services and Remote Desktop related configuration and session maintenance activities that require SYSTEM context. These include per-session temporary folders, TS themes, and TS certificates. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\sessenv.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. SkypeUpdate "C:\Program Files (x86)\Skype\Updater\Updater.exe" Enables the detection, download and installation of updates for Skype. (Not verified) Skype Technologies 7.0.0.371 c:\program files (x86)\skype\updater\updater.exe 11/12/2014 12:20 VT detection: Provider DLL failed to initialize correctly. slsvc %SystemRoot%\system32\SLsvc.exe Enables the download, installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled, the operating system and licensed applications may run in a notification mode. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\slsvc.exe 11/04/2009 8:34 VT detection: Provider DLL failed to initialize correctly. SLUINotify %SystemRoot%\system32\SLUINotify.dll Provides Software Licensing activation and notification (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\sluinotify.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. Spooler %SystemRoot%\System32\spoolsv.exe Loads files to memory for later printing (Not verified) Microsoft Corporation 6.0.6002.18294 c:\windows\system32\spoolsv.exe 17/08/2010 16:54 VT detection: Provider DLL failed to initialize correctly. SQLBrowser "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe" Provides SQL Server connection information to client computers. (Not verified) Microsoft Corporation 2009.100.1600.1 c:\program files (x86)\microsoft sql server\90\shared\sqlbrowser.exe 3/04/2010 1:13 VT detection: Provider DLL failed to initialize correctly. SQLWriter "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure. (Not verified) Microsoft Corporation 2009.100.1600.1 c:\program files\microsoft sql server\90\shared\sqlwriter.exe 3/04/2010 1:11 VT detection: Provider DLL failed to initialize correctly. SSDPSRV %SystemRoot%\System32\ssdpsrv.dll Discovers networked devices and services that use the SSDP discovery protocol, such as UPnP devices. Also announces SSDP devices and services running on the local computer. If this service is stopped, SSDP-based devices will not be discovered. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\ssdpsrv.dll 19/01/2008 10:00 VT detection: Provider DLL failed to initialize correctly. SstpSvc %SystemRoot%\system32\sstpsvc.dll Provides support for the Secure Socket Tunneling Protocol (SSTP) to connect to remote computers using VPN. If this service is disabled, users will not be able to use SSTP to access remote servers. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\sstpsvc.dll 19/01/2008 10:00 VT detection: Provider DLL failed to initialize correctly. Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService Steam Client Service monitors and updates Steam content (Not verified) Valve Corporation 1.32.2.36 c:\program files (x86)\common files\steam\steamservice.exe 22/02/2012 2:53 VT detection: Provider DLL failed to initialize correctly. stisvc %SystemRoot%\System32\wiaservc.dll Provides image acquisition services for scanners and cameras (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\wiaservc.dll 11/04/2009 9:09 VT detection: Provider DLL failed to initialize correctly. swprv %Systemroot%\System32\swprv.dll Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\swprv.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. syshost32 "C:\Windows\Installer\{464336C9-2BC6-646D-79B6-F96259942A86}\syshost.exe" /service File not found: C:\Windows\Installer\{464336C9-2BC6-646D-79B6-F96259942A86}\syshost.exe /service SysMain %systemroot%\system32\sysmain.dll Maintains and improves system performance over time. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\sysmain.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. TabletInputService %SystemRoot%\System32\TabSvc.dll Enables Tablet PC pen and ink functionality (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\tabsvc.dll 2/11/2006 13:14 VT detection: Provider DLL failed to initialize correctly. TapiSrv %SystemRoot%\System32\tapisrv.dll Provides Telephony API (TAPI) support for programs that control telephony devices on the local computer and, through the LAN, on servers that are also running the service. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\tapisrv.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. TBS %SystemRoot%\System32\tbssvc.dll Enables access to the Trusted Platform Module (TPM), which provides hardware-based cryptographic services to system components and applications. If this service is stopped or disabled, applications will be unable to use keys protected by the TPM. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\tbssvc.dll 19/01/2008 9:59 VT detection: Provider DLL failed to initialize correctly. TermService %SystemRoot%\System32\termsrv.dll Allows users to connect interactively to a remote computer. Remote Desktop and Terminal Server depend on this service. To prevent remote use of this computer, clear the checkboxes on the Remote tab of the System properties control panel item. (Not verified) Microsoft Corporation 6.0.6002.19214 c:\windows\system32\termsrv.dll 10/10/2014 3:10 VT detection: Provider DLL failed to initialize correctly. Themes %SystemRoot%\system32\shsvcs.dll Provides user experience theme management. (Not verified) Microsoft Corporation 6.0.6002.18063 c:\windows\system32\shsvcs.dll 10/07/2009 13:51 VT detection: Provider DLL failed to initialize correctly. THREADORDER %SystemRoot%\system32\mmcss.dll Provides ordered execution for a group of threads within a specific period of time. (Not Verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\mmcss.dll 19/01/2008 9:56 VT detection: Provider DLL failed to initialize correctly. Time C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe File not found: C:\ProgramData\Microsoft\Windows\Time\Time-svc.exe TrkWks %SystemRoot%\System32\trkwks.dll Maintains links between NTFS files within a computer or across computers in a network. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\trkwks.dll 19/01/2008 9:59 VT detection: Provider DLL failed to initialize correctly. TrustedInstaller %SystemRoot%\servicing\TrustedInstaller.exe Enables installation, modification, and removal of Windows updates and optional components. If this service is disabled, install or uninstall of Windows updates might fail for this computer. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\servicing\trustedinstaller.exe 11/04/2009 7:08 VT detection: Provider DLL failed to initialize correctly. UI0Detect %SystemRoot%\system32\UI0Detect.exe Enables user notification of user input for interactive services, which enables access to dialogs created by interactive services when they appear. If this service is stopped, notifications of new interactive service dialogs will no longer function and there may no longer be access to interactive service dialogs. If this service is disabled, both notifications of and access to new interactive service dialogs will no longer function. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\ui0detect.exe 19/01/2008 8:17 VT detection: Provider DLL failed to initialize correctly. upnphost %SystemRoot%\System32\upnphost.dll Allows UPnP devices to be hosted on this computer. If this service is stopped, any hosted UPnP devices will stop functioning and no additional hosted devices can be added. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\upnphost.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. UxSms %SystemRoot%\System32\uxsms.dll Provides Desktop Window Manager startup and maintenance services (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\uxsms.dll 11/04/2009 9:09 VT detection: Provider DLL failed to initialize correctly. vds %SystemRoot%\System32\vds.exe Provides management services for disks, volumes, file systems, and storage arrays. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\vds.exe 11/04/2009 7:35 VT detection: Provider DLL failed to initialize correctly. VSS %systemroot%\system32\vssvc.exe Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\vssvc.exe 11/04/2009 7:36 VT detection: Provider DLL failed to initialize correctly. W32Time %systemroot%\system32\w32time.dll Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\w32time.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. wampapache "F:\wamp\bin\apache\apache2.2.21\bin\httpd.exe" -k runservice Apache/2.2.21 (Win32) PHP/5.3.8 (Not verified) Apache Software Foundation 2.2.21.0 f:\wamp\bin\apache\apache2.2.21\bin\httpd.exe 10/09/2011 11:43 VT detection: Provider DLL failed to initialize correctly. wampmysqld F:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe wampmysqld 5.5.16.0 f:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe 9/09/2011 19:46 VT detection: Provider DLL failed to initialize correctly. wcncsvc %SystemRoot%\System32\wcncsvc.dll Act as a Registrar, issues network credential to Enrollee. If this service is disabled, the Windows Connect Now - Config Registrar will not function properly. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\wcncsvc.dll 11/04/2009 9:09 VT detection: Provider DLL failed to initialize correctly. WcsPlugInService %SystemRoot%\System32\WcsPlugInService.dll The WcsPlugInService service hosts third-party Windows Color System color device model and gamut map model plug-in modules. These plug-in modules are vendor-specific extensions to the Windows Color System baseline color device and gamut map models. Stopping or disabling the WcsPlugInService service will disable this extensibility feature, and the Windows Color System will use its baseline model processing rather than the vendor's desired processing. This might result in inaccurate color rendering. (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\wcspluginservice.dll 2/11/2006 13:14 VT detection: Provider DLL failed to initialize correctly. WdiServiceHost %SystemRoot%\system32\wdi.dll The Diagnostic Service Host service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, some diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\wdi.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. WdiSystemHost %SystemRoot%\system32\wdi.dll The Diagnostic System Host service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, some diagnostics will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. (Not Verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\wdi.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. Wecsvc %SystemRoot%\system32\wecsvc.dll This service manages persistent subscriptions to events from remote sources that support WS-Management protocol. This includes Windows Vista event logs, hardware and IPMI-enabled event sources. The service stores forwarded events in a local Event Log. If this service is stopped or disabled event subscriptions cannot be created and forwarded events cannot be accepted. (Not verified) Microsoft Corporation 6.0.6002.18111 c:\windows\system32\wecsvc.dll 9/10/2009 23:34 VT detection: Provider DLL failed to initialize correctly. wercplsupport %SystemRoot%\System32\wercplsupport.dll This service provides support for viewing, sending and deletion of system-level problem reports for the Problem Reports and Solutions control panel. (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\wercplsupport.dll 2/11/2006 13:15 VT detection: Provider DLL failed to initialize correctly. WerSvc %SystemRoot%\System32\WerSvc.dll Allows errors to be reported when programs stop working or responding and allows existing solutions to be delivered. Also allows logs to be generated for diagnostic and repair services. If this service is stopped, error reporting might not work correctly and results of diagnostic services and repairs might not be displayed. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\wersvc.dll 19/01/2008 9:59 VT detection: Provider DLL failed to initialize correctly. Winmgmt %SystemRoot%\system32\wbem\WMIsvc.dll Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\wbem\wmisvc.dll 11/04/2009 9:11 VT detection: Provider DLL failed to initialize correctly. WinRM %SystemRoot%\system32\WsmSvc.dll Windows Remote Management (WinRM) service implements the WS-Management protocol for remote management. WS-Management is a standard web services protocol used for remote software and hardware management. The WinRM service listens on the network for WS-Management requests and processes them. The WinRM Service needs to be configured with a listener using winrm.cmd command line tool or through Group Policy in order for it to listen over the network. The WinRM service provides access to WMI data and enables event collection. Event collection and subscription to events require that the service is running. WinRM messages use HTTP and HTTPS as transports. The WinRM service does not depend on IIS but is preconfigured to share a port with IIS on the same machine. The WinRM service reserves the /wsman URL prefix. To prevent conflicts with IIS, administrators should ensure that any websites hosted on IIS do not use the /wsman URL prefix. (Not verified) Microsoft Corporation 6.0.6002.18111 c:\windows\system32\wsmsvc.dll 9/10/2009 23:36 VT detection: Provider DLL failed to initialize correctly. Wlansvc %SystemRoot%\System32\wlansvc.dll This service enumerates WLAN adapters, manages WLAN connections and profiles. (Not verified) Microsoft Corporation 6.0.6002.18064 c:\windows\system32\wlansvc.dll 11/07/2009 21:13 VT detection: Provider DLL failed to initialize correctly. wlidsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" Activeert de verificatie van Windows Live ID. (Not verified) Microsoft Corp. 7.250.4225.0 c:\program files\common files\microsoft shared\windows live\wlidsvc.exe 21/09/2010 23:46 VT detection: Provider DLL failed to initialize correctly. wmiApSrv %systemroot%\system32\wbem\WmiApSrv.exe Provides performance library information from Windows Management Instrumentation (WMI) providers to clients on the network. This service only runs when Performance Data Helper is activated. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\wbem\wmiapsrv.exe 11/04/2009 7:15 VT detection: Provider DLL failed to initialize correctly. WMPNetworkSvc "%ProgramFiles%\Windows Media Player\wmpnetwk.exe" Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play (Not verified) Microsoft Corporation 11.0.6001.7000 c:\program files\windows media player\wmpnetwk.exe 19/01/2008 8:51 VT detection: Provider DLL failed to initialize correctly. WPCSvc %SystemRoot%\System32\wpcsvc.dll This service enables Windows Parental Controls on the system. If this service is not running, Parental controls will not work. (Not verified) Microsoft Corporation 1.0.0.1 c:\windows\system32\wpcsvc.dll 19/01/2008 10:02 VT detection: Provider DLL failed to initialize correctly. WPDBusEnum %SystemRoot%\system32\wpdbusenum.dll Enforces group policy for removable mass-storage devices. Enables applications such as Windows Media Player and Image Import Wizard to transfer and synchronize content using removable mass-storage devices. (Not verified) Microsoft Corporation 6.0.6002.18112 c:\windows\system32\wpdbusenum.dll 1/10/2009 2:51 VT detection: Provider DLL failed to initialize correctly. WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications. (Not verified) Microsoft Corporation 4.0.30319.18408 c:\windows\microsoft.net\framework64\v4.0.30319\wpf\wpffontcache_v0400.exe 12/09/2013 3:42 VT detection: Provider DLL failed to initialize correctly. WSearch %systemroot%\system32\SearchIndexer.exe /Embedding Provides content indexing and property caching for file, email and other content (via extensibility APIs). The service responds to file and email notifications to index modified content. If the service is stopped or disabled, the Explorer will not be able to display virtual folder views of items, and search in the Explorer will fall back to item-by-item slow search. (Not verified) Microsoft Corporation 7.0.6002.18005 c:\windows\system32\searchindexer.exe 11/04/2009 8:05 VT detection: Provider DLL failed to initialize correctly. wuauserv %systemroot%\system32\wuaueng.dll @%systemroot%\system32\wuaueng.dll,-106 (Not verified) Microsoft Corporation 7.6.7600.256 c:\windows\system32\wuaueng.dll 3/06/2012 0:15 VT detection: Provider DLL failed to initialize correctly. wudfsvc %SystemRoot%\System32\WUDFSvc.dll Creates and manages user-mode driver processes. This service cannot be stopped. (Not verified) Microsoft Corporation 6.2.9200.16384 c:\windows\system32\wudfsvc.dll 26/07/2012 3:05 VT detection: Provider DLL failed to initialize correctly. HKLM\System\CurrentControlSet\Services ACPI system32\drivers\acpi.sys ACPI Driver for NT (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\acpi.sys 11/04/2009 7:03 VT detection: Provider DLL failed to initialize correctly. ACSSCR system32\DRIVERS\a38usb.sys PCSC/CCID IFD Handler (Not verified) Advanced Card Systems Ltd 1.1.6.3 c:\windows\system32\drivers\a38usb.sys 26/07/2012 9:02 VT detection: Provider DLL failed to initialize correctly. adfs adfs Adobe Drive File System Driver (Not verified) Adobe Systems, Inc. 4.0.1.86 c:\windows\system32\drivers\adfs.sys 3/11/2008 18:48 VT detection: Provider DLL failed to initialize correctly. AFD \SystemRoot\system32\drivers\afd.sys Ancilliary Function Driver for Winsock (Not verified) Microsoft Corporation 6.0.6002.19115 c:\windows\system32\drivers\afd.sys 30/05/2014 9:10 VT detection: Provider DLL failed to initialize correctly. agp440 \SystemRoot\system32\drivers\agp440.sys 440 NT AGP Filter (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\agp440.sys 19/01/2008 8:02 VT detection: Provider DLL failed to initialize correctly. aksdf \??\C:\Windows\system32\drivers\aksdf.sys Aladdin Data Mini-Filter Driver (Not verified) Aladdin Knowledge Systems Ltd. 1.12.1755.1 c:\windows\system32\drivers\aksdf.sys 20/02/2007 16:51 VT detection: Provider DLL failed to initialize correctly. aksfridge \??\C:\Windows\system32\drivers\aksfridge.sys Ancillary Function Driver (Not verified) Aladdin Knowledge Systems Ltd. 1.21.2119.0 c:\windows\system32\drivers\aksfridge.sys 12/03/2007 18:00 VT detection: Provider DLL failed to initialize correctly. AsyncMac system32\DRIVERS\asyncmac.sys RAS Asynchronous Media Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\asyncmac.sys 19/01/2008 8:37 VT detection: Provider DLL failed to initialize correctly. atapi system32\drivers\atapi.sys ATAPI IDE Miniport Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\atapi.sys 11/04/2009 7:34 VT detection: Provider DLL failed to initialize correctly. bowser system32\DRIVERS\bowser.sys Implements the datagram receiver for the computer browser browser service. (Not verified) Microsoft Corporation 6.0.6002.18407 c:\windows\system32\drivers\bowser.sys 18/02/2011 16:16 VT detection: Provider DLL failed to initialize correctly. BrFiltLo \SystemRoot\system32\drivers\brfiltlo.sys Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver (Not verified) Brother Industries, Ltd. 1.10.0.2 c:\windows\system32\drivers\brfiltlo.sys 7/08/2006 3:51 VT detection: Provider DLL failed to initialize correctly. BrFiltUp \SystemRoot\system32\drivers\brfiltup.sys Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver (Not verified) Brother Industries, Ltd. 1.4.0.1 c:\windows\system32\drivers\brfiltup.sys 7/08/2006 3:51 VT detection: Provider DLL failed to initialize correctly. BrUsbSer \SystemRoot\system32\drivers\brusbser.sys Brother USB Serial Driver (Not verified) Brother Industries Ltd. 1.0.1.3 c:\windows\system32\drivers\brusbser.sys 9/08/2006 14:11 VT detection: Provider DLL failed to initialize correctly. cdrom system32\DRIVERS\cdrom.sys SCSI CD-ROM Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\cdrom.sys 11/04/2009 7:34 VT detection: Provider DLL failed to initialize correctly. CLFS System32\CLFS.sys Common Log (CLFS) (Not verified) Microsoft Corporation 6.0.6002.19331 c:\windows\system32\clfs.sys 5/03/2015 2:42 VT detection: Provider DLL failed to initialize correctly. cpuz135 \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys File not found: C:\Windows\TEMP\cpuz135\cpuz135_x64.sys crcdisk system32\drivers\crcdisk.sys Disk Block Verification Filter Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\crcdisk.sys 19/01/2008 8:30 VT detection: Provider DLL failed to initialize correctly. DfsC System32\Drivers\dfsc.sys Client driver for access to DFS Namespaces (Not verified) Microsoft Corporation 6.0.6002.18451 c:\windows\system32\drivers\dfsc.sys 14/04/2011 17:14 VT detection: Provider DLL failed to initialize correctly. disk system32\drivers\disk.sys PnP Disk Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\disk.sys 11/04/2009 7:34 VT detection: Provider DLL failed to initialize correctly. Dot4 system32\DRIVERS\Dot4.sys IEEE-1284.4-1999 Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\dot4.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. Dot4Print system32\DRIVERS\Dot4Prt.sys IEEE-1284.4 Print Class Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\dot4prt.sys 19/01/2008 8:27 VT detection: Provider DLL failed to initialize correctly. dot4usb system32\DRIVERS\dot4usb.sys DOT4USB filter driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\dot4usb.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. drmkaud system32\drivers\drmkaud.sys Microsoft Kernel DRM Audio Descrambler Filter (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\drivers\drmkaud.sys 2/11/2006 11:43 VT detection: Provider DLL failed to initialize correctly. DrvAgent64 \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS DriverAgent Direct I/O for 64-bit Windows (Not verified) Phoenix Technologies 1.0.0.1 c:\windows\syswow64\drivers\drvagent64.sys 14/12/2009 12:23 VT detection: Provider DLL failed to initialize correctly. DXGKrnl \SystemRoot\System32\drivers\dxgkrnl.sys Controls the underlying video driver stacks to provide fully-featured display capabilities. (Not verified) Microsoft Corporation 7.0.6002.23427 c:\windows\system32\drivers\dxgkrnl.sys 14/06/2014 2:05 VT detection: Provider DLL failed to initialize correctly. E1G60 system32\DRIVERS\E1G6032E.sys Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver (Not verified) Intel Corporation 8.3.2.8 c:\windows\system32\drivers\e1g6032e.sys 7/08/2007 18:15 VT detection: Provider DLL failed to initialize correctly. Ecache System32\drivers\ecache.sys ReadyBoost Caching Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\ecache.sys 11/04/2009 7:36 VT detection: Provider DLL failed to initialize correctly. epmntdrv \??\C:\Windows\system32\epmntdrv.sys c:\windows\system32\epmntdrv.sys 15/08/2008 3:11 VT detection: Provider DLL failed to initialize correctly. EuGdiDrv \??\C:\Windows\system32\EuGdiDrv.sys c:\windows\system32\eugdidrv.sys 15/09/2009 9:13 VT detection: Provider DLL failed to initialize correctly. exfat exfat exFAT File System Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\exfat.sys 11/04/2009 6:54 VT detection: Provider DLL failed to initialize correctly. fastfat fastfat Note - dependance on CDROM.SYS only if required to read/write DVD-RAM media (which appears as CD class device). (Core) (All pieces) (Not verified) Microsoft Corporation 6.0.6002.19176 c:\windows\system32\drivers\fastfat.sys 5/09/2014 1:38 VT detection: Provider DLL failed to initialize correctly. fdc system32\DRIVERS\fdc.sys Floppy Disk Controller Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\fdc.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. FileInfo system32\drivers\fileinfo.sys Collects information about files in memory to be consumed by other system services. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\fileinfo.sys 19/01/2008 8:05 VT detection: Provider DLL failed to initialize correctly. Filetrace system32\drivers\filetrace.sys ETW File Trace Filter (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\filetrace.sys 19/01/2008 7:58 VT detection: Provider DLL failed to initialize correctly. flpydisk system32\DRIVERS\flpydisk.sys Floppy Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\flpydisk.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. FltMgr system32\drivers\fltmgr.sys File System Filter Manager Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\fltmgr.sys 11/04/2009 6:54 VT detection: Provider DLL failed to initialize correctly. gagp30kx \SystemRoot\system32\drivers\gagp30kx.sys MS Generic AGPv3.0 Filter for K8/9 Processor Platforms (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\gagp30kx.sys 19/01/2008 8:02 VT detection: Provider DLL failed to initialize correctly. GEARAspiWDM system32\DRIVERS\GEARAspiWDM.sys CD DVD Filter (Not verified) GEAR Software Inc. 2.2.3.0 c:\windows\system32\drivers\gearaspiwdm.sys 3/05/2012 21:56 VT detection: Provider DLL failed to initialize correctly. Hardlock \??\C:\Windows\system32\drivers\hardlock.sys Hardlock Device Driver for Windows x64 (Not verified) Aladdin Knowledge Systems Ltd. 3.43.2002.1 c:\windows\system32\drivers\hardlock.sys 6/03/2007 19:59 VT detection: Provider DLL failed to initialize correctly. HdAudAddService system32\drivers\HdAudio.sys High Definition Audio Function Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\hdaudio.sys 11/04/2009 7:39 VT detection: Provider DLL failed to initialize correctly. HDAudBus system32\DRIVERS\HDAudBus.sys High Definition Audio Bus Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\hdaudbus.sys 11/04/2009 7:39 VT detection: Provider DLL failed to initialize correctly. HidUsb system32\DRIVERS\hidusb.sys USB Miniport Driver for Input Devices (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\hidusb.sys 11/04/2009 7:39 VT detection: Provider DLL failed to initialize correctly. HTTP system32\drivers\HTTP.sys This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation 6.0.6002.18210 c:\windows\system32\drivers\http.sys 20/02/2010 23:30 VT detection: Provider DLL failed to initialize correctly. i8042prt system32\DRIVERS\i8042prt.sys i8042 Port Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\i8042prt.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. IntcAzAudAddService system32\drivers\RTKVHD64.sys File not found: system32\drivers\RTKVHD64.sys intelppm system32\DRIVERS\intelppm.sys Processor Device Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\intelppm.sys 19/01/2008 7:52 VT detection: Provider DLL failed to initialize correctly. IpFilterDriver system32\DRIVERS\ipfltdrv.sys IP Traffic Filter Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\ipfltdrv.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. IpInIp system32\DRIVERS\ipinip.sys IP in IP Tunnel Driver File not found: system32\DRIVERS\ipinip.sys IPNAT system32\DRIVERS\ipnat.sys IP Network Address Translator (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\ipnat.sys 19/01/2008 8:37 VT detection: Provider DLL failed to initialize correctly. IRENUM system32\drivers\irenum.sys IR Bus Enumerator (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\irenum.sys 19/01/2008 8:36 VT detection: Provider DLL failed to initialize correctly. iScsiPrt system32\DRIVERS\msiscsi.sys Microsoft iSCSI Initiator Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\msiscsi.sys 11/04/2009 7:36 VT detection: Provider DLL failed to initialize correctly. JRAID system32\DRIVERS\jraid.sys JMicron JMB36X RAID Driver (Not verified) JMicron Technology Corp. 1.17.19.2 c:\windows\system32\drivers\jraid.sys 24/05/2007 12:30 VT detection: Provider DLL failed to initialize correctly. kbdclass system32\DRIVERS\kbdclass.sys Keyboard Class Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\kbdclass.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. kbdhid system32\DRIVERS\kbdhid.sys HID Keyboard Filter Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\kbdhid.sys 11/04/2009 7:33 VT detection: Provider DLL failed to initialize correctly. KSecDD System32\Drivers\ksecdd.sys Kernel Security Support Provider Interface (Not verified) Microsoft Corporation 6.0.6002.19282 c:\windows\system32\drivers\ksecdd.sys 14/01/2015 5:40 VT detection: Provider DLL failed to initialize correctly. ksthunk \SystemRoot\system32\drivers\ksthunk.sys Kernel Streaming WOW Thunk Service (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\ksthunk.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. L8042Kbd system32\DRIVERS\L8042Kbd.sys Logitech PS2 Keyboard Filter Driver. (Not verified) Logitech, Inc. 4.60.42.0 c:\windows\system32\drivers\l8042kbd.sys 29/02/2008 12:09 VT detection: Provider DLL failed to initialize correctly. L8042mou system32\DRIVERS\L8042mou.Sys Logitech PS/2 Mouse Filter Driver. (Not verified) Logitech, Inc. 4.60.42.0 c:\windows\system32\drivers\l8042mou.sys 29/02/2008 12:09 VT detection: Provider DLL failed to initialize correctly. LHidFilt system32\DRIVERS\LHidFilt.Sys Logitech HID Filter Driver. (Not verified) Logitech, Inc. 5.33.10.0 c:\windows\system32\drivers\lhidfilt.sys 2/09/2011 8:23 VT detection: Provider DLL failed to initialize correctly. libusb0 system32\DRIVERS\libusb0.sys LibUSB-Win32 - Kernel Driver (Not verified) http://libusb-win32.sourceforge.net 1.2.4.0 c:\windows\system32\drivers\libusb0.sys 9/04/2011 0:29 VT detection: Provider DLL failed to initialize correctly. lltdio system32\DRIVERS\lltdio.sys Link-Layer Topology Mapper I/O Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\lltdio.sys 19/01/2008 8:35 VT detection: Provider DLL failed to initialize correctly. LMouFilt system32\DRIVERS\LMouFilt.Sys Logitech Mouse Filter Driver. (Not verified) Logitech, Inc. 4.60.42.0 c:\windows\system32\drivers\lmoufilt.sys 29/02/2008 12:08 VT detection: Provider DLL failed to initialize correctly. LMouKE system32\DRIVERS\LMouKE.Sys Logitech Filter Driver for Mouse Class. (Not verified) Logitech, Inc. 4.60.42.0 c:\windows\system32\drivers\lmouke.sys 29/02/2008 12:09 VT detection: Provider DLL failed to initialize correctly. luafv \SystemRoot\system32\drivers\luafv.sys Virtualizes file write failures to per-user locations. (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\luafv.sys 19/01/2008 7:59 VT detection: Provider DLL failed to initialize correctly. Memctl \??\F:\U-ABIT\BlackBox\Memctl.sys f:\u-abit\blackbox\memctl.sys 30/11/2001 5:49 VT detection: Provider DLL failed to initialize correctly. Modem system32\drivers\modem.sys Modem Device Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\modem.sys 19/01/2008 8:38 VT detection: Provider DLL failed to initialize correctly. monitor system32\DRIVERS\monitor.sys Monitor Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\monitor.sys 19/01/2008 8:32 VT detection: Provider DLL failed to initialize correctly. mouclass system32\DRIVERS\mouclass.sys Mouse Class Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\mouclass.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. mouhid system32\DRIVERS\mouhid.sys HID Mouse Filter Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\mouhid.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. MountMgr System32\drivers\mountmgr.sys Driver responsible with maintaining persistent drive letters and names for volumes (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\mountmgr.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. MpFilter system32\DRIVERS\MpFilter.sys Microsoft On-Access Malware Protection Mini-Filter Driver (Not verified) Microsoft Corporation 4.8.200.0 c:\windows\system32\drivers\mpfilter.sys 27/02/2015 2:21 VT detection: Provider DLL failed to initialize correctly. mpsdrv System32\drivers\mpsdrv.sys @%SystemRoot%\system32\FirewallAPI.dll,-23093 (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\mpsdrv.sys 19/01/2008 8:35 VT detection: Provider DLL failed to initialize correctly. MRxDAV \SystemRoot\system32\drivers\mrxdav.sys WebDav Client Redirector Driver (Not verified) Microsoft Corporation 6.0.6002.19273 c:\windows\system32\drivers\mrxdav.sys 19/12/2014 2:26 VT detection: Provider DLL failed to initialize correctly. mrxsmb system32\DRIVERS\mrxsmb.sys Implements the framework for the SMB filesystem redirector (Not verified) Microsoft Corporation 6.0.6002.18462 c:\windows\system32\drivers\mrxsmb.sys 29/04/2011 15:39 VT detection: Provider DLL failed to initialize correctly. mrxsmb10 system32\DRIVERS\mrxsmb10.sys Implements the SMB 1.x (CIFS) protocol. This protocol provides connectivity to network resources on pre-Windows Vista servers (Not verified) Microsoft Corporation 6.0.6002.18490 c:\windows\system32\drivers\mrxsmb10.sys 6/07/2011 17:49 VT detection: Provider DLL failed to initialize correctly. mrxsmb20 system32\DRIVERS\mrxsmb20.sys Implements the SMB 2.0 protocol, which provides connectivity to network resources on Windows Vista and later servers (Not verified) Microsoft Corporation 6.0.6002.18462 c:\windows\system32\drivers\mrxsmb20.sys 29/04/2011 15:39 VT detection: Provider DLL failed to initialize correctly. Msfs Msfs Mailslot driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\msfs.sys 19/01/2008 7:53 VT detection: Provider DLL failed to initialize correctly. msisadrv system32\drivers\msisadrv.sys ISA Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\msisadrv.sys 19/01/2008 8:02 VT detection: Provider DLL failed to initialize correctly. MSKSSRV system32\drivers\MSKSSRV.sys MS KS Server (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\mskssrv.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. MSPCLOCK system32\drivers\MSPCLOCK.sys MS Proxy Clock (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\drivers\mspclock.sys 2/11/2006 11:37 VT detection: Provider DLL failed to initialize correctly. MSPQM system32\drivers\MSPQM.sys MS Proxy Quality Manager (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\drivers\mspqm.sys 2/11/2006 11:37 VT detection: Provider DLL failed to initialize correctly. MsRPC MsRPC Kernel Remote Procedure Call Provider (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\msrpc.sys 11/04/2009 7:32 VT detection: Provider DLL failed to initialize correctly. mssmbios system32\DRIVERS\mssmbios.sys System Management BIOS Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\mssmbios.sys 19/01/2008 8:02 VT detection: Provider DLL failed to initialize correctly. MSTEE system32\drivers\MSTEE.sys WDM Tee/Communication Transform Filter (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\mstee.sys 19/01/2008 8:28 VT detection: Provider DLL failed to initialize correctly. Mup System32\Drivers\mup.sys Multiple UNC Provider (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\mup.sys 11/04/2009 6:54 VT detection: Provider DLL failed to initialize correctly. NativeWifiP system32\DRIVERS\nwifi.sys NativeWiFi Miniport Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\nwifi.sys 11/04/2009 7:40 VT detection: Provider DLL failed to initialize correctly. NDIS system32\drivers\ndis.sys NDIS System Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\ndis.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. NdisTapi system32\DRIVERS\ndistapi.sys Remote Access NDIS TAPI Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\ndistapi.sys 19/01/2008 8:37 VT detection: Provider DLL failed to initialize correctly. Ndisuio system32\DRIVERS\ndisuio.sys NDIS User mode I/O driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\ndisuio.sys 19/01/2008 8:36 VT detection: Provider DLL failed to initialize correctly. NdisWan system32\DRIVERS\ndiswan.sys Remote Access NDIS WAN Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\ndiswan.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. NDProxy NDProxy NDIS Proxy (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\ndproxy.sys 19/01/2008 8:37 VT detection: Provider DLL failed to initialize correctly. NetBIOS system32\DRIVERS\netbios.sys NetBIOS Interface (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\netbios.sys 19/01/2008 8:36 VT detection: Provider DLL failed to initialize correctly. netbt System32\DRIVERS\netbt.sys This service implements NetBios over TCP/IP. (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\netbt.sys 11/04/2009 7:42 VT detection: Provider DLL failed to initialize correctly. NisDrv system32\DRIVERS\NisDrvWFP.sys NIS helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols (Not verified) Microsoft Corporation 4.8.200.0 c:\windows\system32\drivers\nisdrvwfp.sys 27/02/2015 2:22 VT detection: Provider DLL failed to initialize correctly. NPF system32\drivers\npf.sys File not found: system32\drivers\npf.sys Npfs Npfs NPFS Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\npfs.sys 11/04/2009 6:54 VT detection: Provider DLL failed to initialize correctly. nsiproxy system32\drivers\nsiproxy.sys NSI proxy service (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\nsiproxy.sys 19/01/2008 8:36 VT detection: Provider DLL failed to initialize correctly. Ntfs Ntfs NT File System Driver (Not verified) Microsoft Corporation 6.0.6002.18799 c:\windows\system32\drivers\ntfs.sys 2/03/2013 23:17 VT detection: Provider DLL failed to initialize correctly. Null Null NULL Driver (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\drivers\null.sys 2/11/2006 11:37 VT detection: Provider DLL failed to initialize correctly. NVHDA system32\drivers\nvhda64v.sys NVIDIA HDMI Audio Driver (Not verified) NVIDIA Corporation 1.3.24.2 c:\windows\system32\drivers\nvhda64v.sys 25/02/2013 7:27 VT detection: Provider DLL failed to initialize correctly. nvlddmkm system32\DRIVERS\nvlddmkm.sys NVIDIA Windows Kernel Mode Driver, Version 320.49 (Not verified) NVIDIA Corporation 9.18.13.2049 c:\windows\system32\drivers\nvlddmkm.sys 21/06/2013 11:06 VT detection: Provider DLL failed to initialize correctly. nv_agp \SystemRoot\system32\drivers\nv_agp.sys NForce NT AGP Filter (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\nv_agp.sys 19/01/2008 8:02 VT detection: Provider DLL failed to initialize correctly. NwlnkFlt system32\DRIVERS\nwlnkflt.sys IPX Traffic Filter Driver File not found: system32\DRIVERS\nwlnkflt.sys NwlnkFwd system32\DRIVERS\nwlnkfwd.sys IPX Traffic Forwarder Driver File not found: system32\DRIVERS\nwlnkfwd.sys ohci1394 system32\DRIVERS\ohci1394.sys 1394 OpenHCI Port Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\ohci1394.sys 11/04/2009 7:39 VT detection: Provider DLL failed to initialize correctly. partmgr System32\drivers\partmgr.sys Disk class filter driver that auctions out partitions to volume managers (Not verified) Microsoft Corporation 6.0.6002.18600 c:\windows\system32\drivers\partmgr.sys 20/03/2012 19:49 VT detection: Provider DLL failed to initialize correctly. pci system32\drivers\pci.sys NT Plug and Play PCI Enumerator (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\pci.sys 11/04/2009 7:03 VT detection: Provider DLL failed to initialize correctly. pciide system32\drivers\pciide.sys Generic PCI IDE Bus Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\pciide.sys 11/04/2009 7:34 VT detection: Provider DLL failed to initialize correctly. PEAUTH system32\drivers\peauth.sys Protected Environment Authentication and Authorization Export Driver (Not verified) Microsoft Corporation 6.0.5840.16385 c:\windows\system32\drivers\peauth.sys 23/10/2006 13:57 VT detection: Provider DLL failed to initialize correctly. PptpMiniport system32\DRIVERS\raspptp.sys WAN Miniport (PPTP) (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\raspptp.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. PSched system32\DRIVERS\pacer.sys QoS Packet Scheduler (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\pacer.sys 11/04/2009 7:42 VT detection: Provider DLL failed to initialize correctly. PxHlpa64 System32\Drivers\PxHlpa64.sys Px Engine Device Driver for 64-bit Windows (Not verified) Sonic Solutions 3.0.78.0 c:\windows\system32\drivers\pxhlpa64.sys 11/12/2007 1:49 VT detection: Provider DLL failed to initialize correctly. QWAVEdrv \SystemRoot\system32\drivers\qwavedrv.sys Quality Windows Audio/Video Experience component driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\qwavedrv.sys 19/01/2008 8:37 VT detection: Provider DLL failed to initialize correctly. RasAcd System32\DRIVERS\rasacd.sys Remote Access Auto Connection Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\rasacd.sys 19/01/2008 8:37 VT detection: Provider DLL failed to initialize correctly. Rasl2tp system32\DRIVERS\rasl2tp.sys WAN Miniport (L2TP) (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\rasl2tp.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. RasPppoe system32\DRIVERS\raspppoe.sys Remote Access PPPOE Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\raspppoe.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. RasSstp system32\DRIVERS\rassstp.sys WAN Miniport (SSTP) (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\rassstp.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. rdbss system32\DRIVERS\rdbss.sys Provides the framework for network mini-redirectors (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\rdbss.sys 11/04/2009 6:55 VT detection: Provider DLL failed to initialize correctly. RDPCDD System32\DRIVERS\RDPCDD.sys RDPDD Chained DD (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\rdpcdd.sys 19/01/2008 8:42 VT detection: Provider DLL failed to initialize correctly. RDPENCDD system32\drivers\rdpencdd.sys RDP Encoder Mirror Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\rdpencdd.sys 19/01/2008 8:42 VT detection: Provider DLL failed to initialize correctly. RDPWD RDPWD RDP Terminal Stack Driver (Not verified) Microsoft Corporation 6.0.6002.18621 c:\windows\system32\drivers\rdpwd.sys 1/05/2012 16:29 VT detection: Provider DLL failed to initialize correctly. Revoflt system32\DRIVERS\revoflt.sys Revo Uninstaller Filter driver (Not verified) VS Revo Group 1.0.0.4 c:\windows\system32\drivers\revoflt.sys 30/12/2009 11:19 VT detection: Provider DLL failed to initialize correctly. rspndr system32\DRIVERS\rspndr.sys Link-Layer Topology Responder Driver for NDIS 6 (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\rspndr.sys 19/01/2008 8:35 VT detection: Provider DLL failed to initialize correctly. RTL8169 system32\DRIVERS\Rtlh64.sys Realtek 8101E/8168/8169 NDIS6 64-bit Driver (Not verified) Realtek Corporation 6.217.226.2009 c:\windows\system32\drivers\rtlh64.sys 6/03/2009 11:06 VT detection: Provider DLL failed to initialize correctly. SaiH0BAC system32\DRIVERS\SaiH0BAC.sys Saitek Hid Driver (Not verified) Saitek 6.0.6.5 c:\windows\system32\drivers\saih0bac.sys 2/07/2007 11:25 VT detection: Provider DLL failed to initialize correctly. SaiH0C2D system32\DRIVERS\SaiH0C2D.sys Saitek Hid Driver (Not verified) Saitek 6.0.6.5 c:\windows\system32\drivers\saih0c2d.sys 2/07/2007 11:25 VT detection: Provider DLL failed to initialize correctly. SaiMini system32\DRIVERS\SaiMini.sys Saitek Magic Mini Driver (Not verified) Saitek 6.0.7.0 c:\windows\system32\drivers\saimini.sys 12/07/2007 16:14 VT detection: Provider DLL failed to initialize correctly. SaiNtBus system32\drivers\SaiBus.sys Saitek Magic Bus (Not verified) Saitek 6.0.7.0 c:\windows\system32\drivers\saibus.sys 12/07/2007 16:14 VT detection: Provider DLL failed to initialize correctly. secdrv secdrv Macrovision SECURITY Driver (Not verified) Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. 4.3.86.0 c:\windows\system32\drivers\secdrv.sys 13/09/2006 15:18 VT detection: Provider DLL failed to initialize correctly. Serenum \SystemRoot\system32\drivers\serenum.sys Serial Port Enumerator (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\drivers\serenum.sys 2/11/2006 11:37 VT detection: Provider DLL failed to initialize correctly. Serial \SystemRoot\system32\drivers\serial.sys Serial Device Driver (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\drivers\serial.sys 2/11/2006 11:38 VT detection: Provider DLL failed to initialize correctly. sffp_mmc \SystemRoot\system32\drivers\sffp_mmc.sys Small Form Factor MMC Protocol Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\sffp_mmc.sys 19/01/2008 8:29 VT detection: Provider DLL failed to initialize correctly. sffp_sd \SystemRoot\system32\drivers\sffp_sd.sys Small Form Factor SD Protocol Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\sffp_sd.sys 19/01/2008 8:29 VT detection: Provider DLL failed to initialize correctly. Smb system32\DRIVERS\smb.sys Microsoft NetbiosSmb Device Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\smb.sys 11/04/2009 7:42 VT detection: Provider DLL failed to initialize correctly. speedfan SysWOW64\speedfan.sys SpeedFan x64 Driver (Not verified) Almico Software 2.1.7.0 c:\windows\syswow64\speedfan.sys 18/03/2011 18:08 VT detection: Provider DLL failed to initialize correctly. spldr spldr loader for security processor (Not verified) Microsoft Corporation 6.0.6002.17001 c:\windows\system32\drivers\spldr.sys 12/01/2009 23:51 VT detection: Provider DLL failed to initialize correctly. sptd System32\Drivers\sptd.sys c:\windows\system32\drivers\sptd.sys VT detection: The process cannot access the file because it is being used by another process. srv System32\DRIVERS\srv.sys Server driver (Not verified) Microsoft Corporation 6.0.6002.18407 c:\windows\system32\drivers\srv.sys 18/02/2011 16:18 VT detection: Provider DLL failed to initialize correctly. srv2 System32\DRIVERS\srv2.sys Default SDDL for Windows Resource Protected file (Not verified) Microsoft Corporation 6.0.6002.18462 c:\windows\system32\drivers\srv2.sys 29/04/2011 15:41 VT detection: Provider DLL failed to initialize correctly. srvnet System32\DRIVERS\srvnet.sys Server Network driver (Not verified) Microsoft Corporation 6.0.6002.18462 c:\windows\system32\drivers\srvnet.sys 29/04/2011 15:40 VT detection: Provider DLL failed to initialize correctly. StarOpen StarOpen File not found: C:\Windows\System32\Drivers\StarOpen.sys StillCam system32\DRIVERS\serscan.sys Serial Imaging Device Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\serscan.sys 19/01/2008 9:09 VT detection: Provider DLL failed to initialize correctly. swenum system32\DRIVERS\swenum.sys Plug and Play Software Device Enumerator (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\drivers\swenum.sys 2/11/2006 11:37 VT detection: Provider DLL failed to initialize correctly. Tcpip System32\drivers\tcpip.sys TCP/IP Protocol Driver (Not verified) Microsoft Corporation 6.0.6002.23370 c:\windows\system32\drivers\tcpip.sys 5/04/2014 4:33 VT detection: Provider DLL failed to initialize correctly. Tcpip6 system32\DRIVERS\tcpip.sys Microsoft IPv6 Protocol Driver (Not Verified) Microsoft Corporation 6.0.6002.23370 c:\windows\system32\drivers\tcpip.sys 5/04/2014 4:33 VT detection: Provider DLL failed to initialize correctly. tcpipreg System32\drivers\tcpipreg.sys Provides compatibility for legacy applications which interact with TCP/IP through the registry. If this service is stopped, certain applications may have impaired functionality. (Not verified) Microsoft Corporation 6.0.6002.23370 c:\windows\system32\drivers\tcpipreg.sys 5/04/2014 4:32 VT detection: Provider DLL failed to initialize correctly. TDPIPE system32\drivers\tdpipe.sys Named Pipe Transport Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\tdpipe.sys 19/01/2008 8:42 VT detection: Provider DLL failed to initialize correctly. TDTCP system32\drivers\tdtcp.sys TCP Transport Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\tdtcp.sys 19/01/2008 8:42 VT detection: Provider DLL failed to initialize correctly. tdx system32\DRIVERS\tdx.sys NetIO Legacy TDI Support Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\tdx.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. TermDD system32\DRIVERS\termdd.sys Terminal Server Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\termdd.sys 11/04/2009 7:48 VT detection: Provider DLL failed to initialize correctly. tssecsrv System32\DRIVERS\tssecsrv.sys Terminal Services Security Filter Driver (Not verified) Microsoft Corporation 6.0.6002.18868 c:\windows\system32\drivers\tssecsrv.sys 15/06/2013 13:38 VT detection: Provider DLL failed to initialize correctly. tunmp system32\DRIVERS\tunmp.sys Microsoft Tunnel Interface Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\tunmp.sys 19/01/2008 8:36 VT detection: Provider DLL failed to initialize correctly. tunnel system32\DRIVERS\tunnel.sys Microsoft Tunnel Interface Driver (Not verified) Microsoft Corporation 6.0.6002.18209 c:\windows\system32\drivers\tunnel.sys 18/02/2010 13:59 VT detection: Provider DLL failed to initialize correctly. uagp35 \SystemRoot\system32\drivers\uagp35.sys MS AGPv3.5 Filter (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\uagp35.sys 19/01/2008 8:02 VT detection: Provider DLL failed to initialize correctly. UGURU system32\drivers\uGuru.sys uGuru.sys (Not verified) ABIT 6.0.0.0 c:\windows\system32\drivers\uguru.sys 20/09/2006 10:06 VT detection: Provider DLL failed to initialize correctly. uliagpkx \SystemRoot\system32\drivers\uliagpkx.sys ULi AGPv3.0 Filter for K8/9 Processor Platforms (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\uliagpkx.sys 19/01/2008 8:02 VT detection: Provider DLL failed to initialize correctly. umbus system32\DRIVERS\umbus.sys User-Mode Bus Enumerator (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\umbus.sys 19/01/2008 8:34 VT detection: Provider DLL failed to initialize correctly. USBAAPL64 System32\Drivers\usbaapl64.sys Apple Mobile Device USB Driver (Not verified) Apple, Inc. 1.65.0.0 c:\windows\system32\drivers\usbaapl64.sys 15/07/2014 19:30 VT detection: Provider DLL failed to initialize correctly. usbaudio system32\drivers\usbaudio.sys USB Audio Class Driver (Not verified) Microsoft Corporation 6.0.6002.18887 c:\windows\system32\drivers\usbaudio.sys 12/07/2013 11:19 VT detection: Provider DLL failed to initialize correctly. usbccgp system32\DRIVERS\usbccgp.sys USB Common Class Generic Parent Driver (Not verified) Microsoft Corporation 6.0.6002.18875 c:\windows\system32\drivers\usbccgp.sys 29/06/2013 4:25 VT detection: Provider DLL failed to initialize correctly. usbehci system32\DRIVERS\usbehci.sys EHCI eUSB Miniport Driver (Not verified) Microsoft Corporation 6.0.6002.18465 c:\windows\system32\drivers\usbehci.sys 5/05/2011 16:17 VT detection: Provider DLL failed to initialize correctly. usbhub system32\DRIVERS\usbhub.sys Default Hub Driver for USB (Not verified) Microsoft Corporation 6.0.6002.18875 c:\windows\system32\drivers\usbhub.sys 29/06/2013 4:25 VT detection: Provider DLL failed to initialize correctly. usbprint system32\DRIVERS\usbprint.sys USB Printer driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\usbprint.sys 19/01/2008 9:10 VT detection: Provider DLL failed to initialize correctly. usbscan system32\DRIVERS\usbscan.sys USB Scanner Driver (Not verified) Microsoft Corporation 6.0.6002.18878 c:\windows\system32\drivers\usbscan.sys 3/07/2013 4:55 VT detection: Provider DLL failed to initialize correctly. USBSTOR system32\DRIVERS\USBSTOR.SYS USB Mass Storage Class Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\usbstor.sys 11/04/2009 7:39 VT detection: Provider DLL failed to initialize correctly. usbuhci system32\DRIVERS\usbuhci.sys UHCI USB Miniport Driver (Not verified) Microsoft Corporation 6.0.6002.18465 c:\windows\system32\drivers\usbuhci.sys 5/05/2011 16:17 VT detection: Provider DLL failed to initialize correctly. vga system32\DRIVERS\vgapnp.sys VGA/Super VGA Video Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\vgapnp.sys 19/01/2008 8:32 VT detection: Provider DLL failed to initialize correctly. VgaSave \SystemRoot\System32\drivers\vga.sys VGA/Super VGA Video Driver (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\drivers\vga.sys 19/01/2008 8:32 VT detection: Provider DLL failed to initialize correctly. volmgr system32\drivers\volmgr.sys Volume Manager Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\volmgr.sys 11/04/2009 7:34 VT detection: Provider DLL failed to initialize correctly. volmgrx System32\drivers\volmgrx.sys Extension of the volume manager driver that manages software RAID volumes (spanned, striped, mirrored, RAID-5) on dynamic disks (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\volmgrx.sys 11/04/2009 7:35 VT detection: Provider DLL failed to initialize correctly. volsnap system32\drivers\volsnap.sys Volume Shadow Copy Driver (Not verified) Microsoft Corporation 6.0.6002.18679 c:\windows\system32\drivers\volsnap.sys 16/08/2012 16:17 VT detection: Provider DLL failed to initialize correctly. VX1000 system32\DRIVERS\VX1000.sys Microsoft LifeCam VX1000 Device Driver (Not verified) Microsoft Corporation 1.3.4.6 c:\windows\system32\drivers\vx1000.sys 6/12/2006 6:03 VT detection: Provider DLL failed to initialize correctly. Wanarp system32\DRIVERS\wanarp.sys Remote Access IP ARP Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\wanarp.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. Wanarpv6 system32\DRIVERS\wanarp.sys Remote Access IPv6 ARP Driver (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\wanarp.sys 11/04/2009 7:43 VT detection: Provider DLL failed to initialize correctly. Wdf01000 system32\drivers\Wdf01000.sys Kernel Mode Driver Framework Runtime (Not verified) Microsoft Corporation 1.11.9200.16648 c:\windows\system32\drivers\wdf01000.sys 22/06/2013 5:13 VT detection: Provider DLL failed to initialize correctly. WinDriver6 system32\drivers\windrvr6.sys WinDriver Device Driver 11.5.0 (Not verified) Jungo Connectivity 11.5.0.0 c:\windows\system32\drivers\windrvr6.sys 26/01/2014 13:30 VT detection: Provider DLL failed to initialize correctly. Winflash \??\F:\U-ABIT\BlackBox\WinFlash.sys f:\u-abit\blackbox\winflash.sys 17/09/2002 6:55 VT detection: Provider DLL failed to initialize correctly. WpdUsb system32\DRIVERS\wpdusb.sys WPD USB Driver (Not verified) Microsoft Corporation 6.0.6002.18112 c:\windows\system32\drivers\wpdusb.sys 1/10/2009 2:51 VT detection: Provider DLL failed to initialize correctly. WudfPf system32\drivers\WudfPf.sys Windows Driver Foundation - User-mode Driver Framework Platform Driver (Not verified) Microsoft Corporation 6.2.9200.16384 c:\windows\system32\drivers\wudfpf.sys 26/07/2012 4:26 VT detection: Provider DLL failed to initialize correctly. WUDFRd system32\DRIVERS\WUDFRd.sys Windows Driver Foundation - User-mode Driver Framework Reflector (Not verified) Microsoft Corporation 6.2.9200.16384 c:\windows\system32\drivers\wudfrd.sys 26/07/2012 4:26 VT detection: Provider DLL failed to initialize correctly. YMIDUSBW system32\drivers\ymidusbx64.sys USB-MIDI Driver (Not verified) Yamaha Corporation 3.1.0.1 c:\windows\system32\drivers\ymidusbx64.sys 31/01/2011 8:02 VT detection: Provider DLL failed to initialize correctly. ane9h308 ane9h308 ATAPI IDE Miniport Driver (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\drivers\ane9h308.sys 11/04/2009 7:34 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers GenericProvider HKCR\CLSID\{25CBB996-92ED-457e-B28C-4774084BD562} Windows Authentication UI (Not verified) Microsoft Corporation 6.0.6002.19116 c:\windows\system32\authui.dll 2/06/2014 23:29 VT detection: Provider DLL failed to initialize correctly. NPProvider HKCR\CLSID\{3dd6bec0-8193-4ffe-ae25-e08e39ea4063} Windows Authentication UI (Not Verified) Microsoft Corporation 6.0.6002.19116 c:\windows\system32\authui.dll 2/06/2014 23:29 VT detection: Provider DLL failed to initialize correctly. PasswordProvider HKCR\CLSID\{6f45dc1e-5384-457a-bc13-2cd81b0d28ed} Windows Authentication UI (Not Verified) Microsoft Corporation 6.0.6002.19116 c:\windows\system32\authui.dll 2/06/2014 23:29 VT detection: Provider DLL failed to initialize correctly. Smartcard Credential Provider HKCR\CLSID\{8bf9a910-a8ff-457f-999f-a5ca10b4a885} Windows Smartcard Credential Provider (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\smartcardcredentialprovider.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. Smartcard Pin Provider HKCR\CLSID\{94596c7e-3744-41ce-893e-bbf09122f76a} Windows Smartcard Credential Provider (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\smartcardcredentialprovider.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters GenericFilter HKCR\CLSID\{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE} Windows Authentication UI (Not Verified) Microsoft Corporation 6.0.6002.19116 c:\windows\system32\authui.dll 2/06/2014 23:29 VT detection: Provider DLL failed to initialize correctly. RemoteLogonFilter HKCR\CLSID\{f614806b-ce60-40cd-990f-e8e07df79e49} Windows Authentication UI (Not Verified) Microsoft Corporation 6.0.6002.19116 c:\windows\system32\authui.dll 2/06/2014 23:29 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers CRasProvider HKCR\CLSID\{5537E283-B1E7-4EF8-9C6E-7AB0AFE5056D} RAS PLAP Credential Provider (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\rasplap.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors 6200 Series Port lxbulmpm.dll Printer Communication System (Not verified) 6.4.29.0 c:\windows\system32\lxbulmpm.dll 4/04/2007 18:12 VT detection: Provider DLL failed to initialize correctly. Adobe PDF Port Monitor AdobePDF.dll Adobe PDF Port Monitor DLL (Not verified) Adobe Systems Inc 9.2.0.112 c:\windows\system32\adobepdf.dll 19/08/2009 11:45 VT detection: Provider DLL failed to initialize correctly. Local Port localspl.dll Local Spooler DLL (Not verified) Microsoft Corporation 6.0.6002.18631 c:\windows\system32\localspl.dll 11/05/2012 18:35 VT detection: Provider DLL failed to initialize correctly. PCL hpz3l5mu hpz3l5mu.dll LanguageMonitor (Not verified) Hewlett-Packard Company 61.73.241.0 c:\windows\system32\hpz3l5mu.dll 20/10/2007 14:57 VT detection: Provider DLL failed to initialize correctly. pdfcmon pdfcmon.dll pdfcmon (Not verified) pdfforge GbR 0.1.1.0 c:\windows\system32\pdfcmon.dll 14/03/2012 18:23 VT detection: Provider DLL failed to initialize correctly. Standard TCP/IP Port tcpmon.dll Standard TCP/IP Port Monitor DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\tcpmon.dll 11/04/2009 9:09 VT detection: Provider DLL failed to initialize correctly. USB Monitor usbmon.dll Standard Dynamic Printing Port Monitor DLL (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\usbmon.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. WSD Port WSDMon.dll WSD Printer Port Monitor (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\wsdmon.dll 11/04/2009 9:09 VT detection: Provider DLL failed to initialize correctly. HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders credssp.dll credssp.dll TS Single Sign On Security Package (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\credssp.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages msv1_0 msv1_0 Microsoft Authentication Package v1.0 (Not verified) Microsoft Corporation 6.0.6002.18111 c:\windows\system32\msv1_0.dll 10/09/2009 19:10 VT detection: Provider DLL failed to initialize correctly. HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages scecli scecli Windows Security Configuration Editor Client Engine (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\scecli.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages kerberos kerberos Kerberos Security Package (Not verified) Microsoft Corporation 6.0.6002.19220 c:\windows\system32\kerberos.dll 24/10/2014 2:41 VT detection: Provider DLL failed to initialize correctly. msv1_0 msv1_0 Microsoft Authentication Package v1.0 (Not Verified) Microsoft Corporation 6.0.6002.18111 c:\windows\system32\msv1_0.dll 10/09/2009 19:10 VT detection: Provider DLL failed to initialize correctly. schannel schannel TLS / SSL Security Provider (Not verified) Microsoft Corporation 6.0.6002.19375 c:\windows\system32\schannel.dll 30/04/2015 17:42 VT detection: Provider DLL failed to initialize correctly. wdigest wdigest Microsoft Digest Access (Not verified) Microsoft Corporation 6.0.6002.18051 c:\windows\system32\wdigest.dll 15/06/2009 17:13 VT detection: Provider DLL failed to initialize correctly. tspkg tspkg Web Service Security Package (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\tspkg.dll 19/01/2008 9:59 VT detection: Provider DLL failed to initialize correctly. HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms rdpclip rdpclip File not found: rdpclip HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GpExtensions {0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63} wlgpclnt.dll 802.11 Group Policy Client (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\wlgpclnt.dll 11/04/2009 9:10 VT detection: Provider DLL failed to initialize correctly. {25537BA6-77A8-11D2-9B6C-0000F8080861} fdeploy.dll Folder Redirection Group Policy Extension (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\fdeploy.dll 19/01/2008 9:55 VT detection: Provider DLL failed to initialize correctly. {3610eda5-77ef-11d2-8dc5-00c04fa31a66} %SystemRoot%\System32\dskquota.dll Windows Shell Disk Quota Support DLL (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\dskquota.dll 19/01/2008 9:55 VT detection: Provider DLL failed to initialize correctly. {426031c0-0b47-4852-b0ca-ac3d37bfcb39} gptext.dll GPTExt (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\gptext.dll 2/11/2006 13:12 VT detection: Provider DLL failed to initialize correctly. {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} C:\Windows\System32\iedkcs32.dll IEAK branding (Not verified) Microsoft Corporation 18.0.8112.16421 c:\windows\system32\iedkcs32.dll 8/03/2011 14:37 VT detection: Provider DLL failed to initialize correctly. {7933F41E-56F8-41d6-A31C-4148A711EE93} %SystemRoot%\System32\srchadmin.dll Indexing Options (Not verified) Microsoft Corporation 7.0.6002.18005 c:\windows\system32\srchadmin.dll 11/04/2009 9:10 VT detection: Provider DLL failed to initialize correctly. {7B849a69-220F-451E-B3FE-2CB811AF94AE} C:\Windows\System32\iedkcs32.dll IEAK branding (Not Verified) Microsoft Corporation 18.0.8112.16421 c:\windows\system32\iedkcs32.dll 8/03/2011 14:37 VT detection: Provider DLL failed to initialize correctly. {827D319E-6EAC-11D2-A4EA-00C04F79F83A} scecli.dll Windows Security Configuration Editor Client Engine (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\scecli.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} C:\Windows\System32\iedkcs32.dll IEAK branding (Not Verified) Microsoft Corporation 18.0.8112.16421 c:\windows\system32\iedkcs32.dll 8/03/2011 14:37 VT detection: Provider DLL failed to initialize correctly. {B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} scecli.dll Windows Security Configuration Editor Client Engine (Not Verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\scecli.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. {B587E2B1-4D59-4e7e-AED9-22B9DF11D053} dot3gpclnt.dll 802.3 Group Policy Client (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\dot3gpclnt.dll 19/01/2008 9:55 VT detection: Provider DLL failed to initialize correctly. {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} C:\Windows\System32\iedkcs32.dll IEAK branding (Not Verified) Microsoft Corporation 18.0.8112.16421 c:\windows\system32\iedkcs32.dll 8/03/2011 14:37 VT detection: Provider DLL failed to initialize correctly. {e437bc1c-aa7d-11d2-a382-00c04f991e27} %SystemRoot%\System32\polstore.dll Policy Storage dll (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\polstore.dll 19/01/2008 9:58 VT detection: Provider DLL failed to initialize correctly. {FB2CA36D-0B40-4307-821B-A13B252DE56C} gptext.dll GPTExt (Not Verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\gptext.dll 2/11/2006 13:12 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit C:\Windows\system32\userinit.exe C:\Windows\system32\userinit.exe Userinit Logon Application (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\userinit.exe 19/01/2008 8:16 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet rundll32 rundll32 Windows host process (Rundll32) (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\rundll32.exe 2/11/2006 11:33 VT detection: Provider DLL failed to initialize correctly. HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls clbcatq clbcatq.dll COM+ Configuration Catalog (Not verified) Microsoft Corporation 2001.12.6931.18000 c:\windows\syswow64\clbcatq.dll 19/01/2008 9:27 VT detection: Provider DLL failed to initialize correctly. ole32 ole32.dll Microsoft OLE for Windows (Not verified) Microsoft Corporation 6.0.6002.18277 c:\windows\syswow64\ole32.dll 28/06/2010 19:00 VT detection: Provider DLL failed to initialize correctly. advapi32 advapi32.dll Advanced Windows 32 Base API (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\syswow64\advapi32.dll 11/04/2009 8:22 VT detection: Provider DLL failed to initialize correctly. COMDLG32 COMDLG32.dll Common Dialogs DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\syswow64\comdlg32.dll 11/04/2009 8:26 VT detection: Provider DLL failed to initialize correctly. gdi32 gdi32.dll GDI Client DLL (Not verified) Microsoft Corporation 6.0.6002.19331 c:\windows\syswow64\gdi32.dll 5/03/2015 4:25 VT detection: Provider DLL failed to initialize correctly. IERTUTIL IERTUTIL.dll Run time utility for Internet Explorer (Not verified) Microsoft Corporation 9.0.8112.16659 c:\windows\syswow64\iertutil.dll 31/05/2015 1:48 VT detection: Provider DLL failed to initialize correctly. IMAGEHLP IMAGEHLP.dll Windows NT Image Helper (Not verified) Microsoft Corporation 6.0.6002.18971 c:\windows\syswow64\imagehlp.dll 22/10/2013 9:21 VT detection: Provider DLL failed to initialize correctly. IMM32 IMM32.dll Multi-User Windows IMM32 API Client DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\syswow64\imm32.dll 11/04/2009 8:26 VT detection: Provider DLL failed to initialize correctly. kernel32 kernel32.dll Windows NT BASE API Client DLL (Not verified) Microsoft Corporation 6.0.6002.19381 c:\windows\syswow64\kernel32.dll 9/05/2015 1:12 VT detection: Provider DLL failed to initialize correctly. LPK LPK.dll Language Pack (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\syswow64\lpk.dll 11/04/2009 8:26 VT detection: Provider DLL failed to initialize correctly. MSCTF MSCTF.dll MSCTF Server DLL (Not verified) Microsoft Corporation 6.0.6002.19296 c:\windows\syswow64\msctf.dll 21/01/2015 4:03 VT detection: Provider DLL failed to initialize correctly. MSVCRT MSVCRT.dll Windows NT CRT DLL (Not verified) Microsoft Corporation 7.0.6002.18551 c:\windows\syswow64\msvcrt.dll 14/12/2011 18:18 VT detection: Provider DLL failed to initialize correctly. NORMALIZ NORMALIZ.dll Unicode Normalization DLL (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\syswow64\normaliz.dll 2/11/2006 10:33 VT detection: Provider DLL failed to initialize correctly. NSI NSI.dll NSI User-mode interface DLL (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\syswow64\nsi.dll 19/01/2008 9:32 VT detection: Provider DLL failed to initialize correctly. OLEAUT32 OLEAUT32.dll (Not verified) Microsoft Corporation 6.0.6002.19243 c:\windows\syswow64\oleaut32.dll 26/11/2014 4:06 VT detection: Provider DLL failed to initialize correctly. rpcrt4 rpcrt4.dll Remote Procedure Call Runtime (Not verified) Microsoft Corporation 6.0.6002.18882 c:\windows\syswow64\rpcrt4.dll 10/07/2013 11:47 VT detection: Provider DLL failed to initialize correctly. Setupapi Setupapi.dll Windows Setup API (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\syswow64\setupapi.dll 11/04/2009 8:25 VT detection: Provider DLL failed to initialize correctly. SHELL32 SHELL32.dll Windows Shell Common Dll (Not verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: Provider DLL failed to initialize correctly. SHLWAPI SHLWAPI.dll Shell Light-weight Utility Library (Not verified) Microsoft Corporation 6.0.6002.18738 c:\windows\syswow64\shlwapi.dll 22/11/2012 5:54 VT detection: Provider DLL failed to initialize correctly. URLMON URLMON.dll OLE32 Extensions for Win32 (Not verified) Microsoft Corporation 9.0.8112.16659 c:\windows\syswow64\urlmon.dll 31/05/2015 1:50 VT detection: Provider DLL failed to initialize correctly. user32 user32.dll Multi-User Windows USER API Client DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\syswow64\user32.dll 11/04/2009 8:26 VT detection: Provider DLL failed to initialize correctly. USP10 USP10.dll Uniscribe Unicode script processor (Not verified) Microsoft Corporation 1.626.6002.19096 c:\windows\syswow64\usp10.dll 26/04/2014 18:01 VT detection: Provider DLL failed to initialize correctly. WININET WININET.dll Internet Extensions for Win32 (Not verified) Microsoft Corporation 9.0.8112.16659 c:\windows\syswow64\wininet.dll 31/05/2015 1:49 VT detection: Provider DLL failed to initialize correctly. WLDAP32 WLDAP32.dll Win32 LDAP API DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\syswow64\wldap32.dll 11/04/2009 8:28 VT detection: Provider DLL failed to initialize correctly. WS2_32 WS2_32.dll Windows Socket 2.0 32-Bit DLL (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\syswow64\ws2_32.dll 19/01/2008 9:32 VT detection: Provider DLL failed to initialize correctly. clbcatq clbcatq.dll COM+ Configuration Catalog (Not verified) Microsoft Corporation 2001.12.6931.18000 c:\windows\system32\clbcatq.dll 19/01/2008 9:54 VT detection: Provider DLL failed to initialize correctly. ole32 ole32.dll Microsoft OLE for Windows (Not verified) Microsoft Corporation 6.0.6002.18277 c:\windows\system32\ole32.dll 28/06/2010 19:21 VT detection: Provider DLL failed to initialize correctly. advapi32 advapi32.dll Advanced Windows 32 Base API (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\advapi32.dll 11/04/2009 9:03 VT detection: Provider DLL failed to initialize correctly. COMDLG32 COMDLG32.dll Common Dialogs DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\comdlg32.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. gdi32 gdi32.dll GDI Client DLL (Not verified) Microsoft Corporation 6.0.6002.19331 c:\windows\system32\gdi32.dll 5/03/2015 3:58 VT detection: Provider DLL failed to initialize correctly. IERTUTIL IERTUTIL.dll Run time utility for Internet Explorer (Not verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\iertutil.dll 31/05/2015 2:41 VT detection: Provider DLL failed to initialize correctly. IMAGEHLP IMAGEHLP.dll Windows NT Image Helper (Not verified) Microsoft Corporation 6.0.6002.18971 c:\windows\system32\imagehlp.dll 22/10/2013 11:32 VT detection: Provider DLL failed to initialize correctly. IMM32 IMM32.dll Multi-User Windows IMM32 API Client DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\imm32.dll 11/04/2009 9:06 VT detection: Provider DLL failed to initialize correctly. kernel32 kernel32.dll Windows NT BASE API Client DLL (Not verified) Microsoft Corporation 6.0.6002.19381 c:\windows\system32\kernel32.dll 9/05/2015 1:04 VT detection: Provider DLL failed to initialize correctly. LPK LPK.dll Language Pack (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\lpk.dll 19/01/2008 9:56 VT detection: Provider DLL failed to initialize correctly. MSCTF MSCTF.dll MSCTF Server DLL (Not verified) Microsoft Corporation 6.0.6002.19296 c:\windows\system32\msctf.dll 21/01/2015 3:43 VT detection: Provider DLL failed to initialize correctly. MSVCRT MSVCRT.dll Windows NT CRT DLL (Not verified) Microsoft Corporation 7.0.6002.18551 c:\windows\system32\msvcrt.dll 14/12/2011 18:38 VT detection: Provider DLL failed to initialize correctly. NORMALIZ NORMALIZ.dll Unicode Normalization DLL (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\normaliz.dll 2/11/2006 11:05 VT detection: Provider DLL failed to initialize correctly. NSI NSI.dll NSI User-mode interface DLL (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\nsi.dll 19/01/2008 9:59 VT detection: Provider DLL failed to initialize correctly. OLEAUT32 OLEAUT32.dll (Not verified) Microsoft Corporation 6.0.6002.19243 c:\windows\system32\oleaut32.dll 26/11/2014 3:43 VT detection: Provider DLL failed to initialize correctly. rpcrt4 rpcrt4.dll Remote Procedure Call Runtime (Not verified) Microsoft Corporation 6.0.6002.18882 c:\windows\system32\rpcrt4.dll 10/07/2013 11:43 VT detection: Provider DLL failed to initialize correctly. Setupapi Setupapi.dll Windows Setup API (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\setupapi.dll 11/04/2009 9:08 VT detection: Provider DLL failed to initialize correctly. SHELL32 SHELL32.dll Windows Shell Common Dll (Not verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: Provider DLL failed to initialize correctly. SHLWAPI SHLWAPI.dll Shell Light-weight Utility Library (Not verified) Microsoft Corporation 6.0.6002.18738 c:\windows\system32\shlwapi.dll 22/11/2012 6:22 VT detection: Provider DLL failed to initialize correctly. URLMON URLMON.dll OLE32 Extensions for Win32 (Not verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\urlmon.dll 31/05/2015 2:42 VT detection: Provider DLL failed to initialize correctly. user32 user32.dll Multi-User Windows USER API Client DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\user32.dll 11/04/2009 9:09 VT detection: Provider DLL failed to initialize correctly. USP10 USP10.dll Uniscribe Unicode script processor (Not verified) Microsoft Corporation 1.626.6002.19096 c:\windows\system32\usp10.dll 26/04/2014 20:21 VT detection: Provider DLL failed to initialize correctly. WININET WININET.dll Internet Extensions for Win32 (Not verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\wininet.dll 31/05/2015 2:42 VT detection: Provider DLL failed to initialize correctly. WLDAP32 WLDAP32.dll Win32 LDAP API DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\wldap32.dll 11/04/2009 9:10 VT detection: Provider DLL failed to initialize correctly. WS2_32 WS2_32.dll Windows Socket 2.0 32-Bit DLL (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\system32\ws2_32.dll 11/04/2009 9:09 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell explorer.exe explorer.exe Windows Explorer (Not verified) Microsoft Corporation 6.0.6002.18005 c:\windows\explorer.exe 11/04/2009 7:26 VT detection: Provider DLL failed to initialize correctly. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell cmd.exe cmd.exe Windows Command Processor (Not verified) Microsoft Corporation 6.0.6001.18000 c:\windows\system32\cmd.exe 19/01/2008 8:05 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LXBUCATS rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXBUtime.dll,RunDLLEntry Windows host process (Rundll32) (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\rundll32.exe 2/11/2006 11:33 VT detection: Provider DLL failed to initialize correctly. ProfilerU C:\Program Files\Saitek\SD6\Software\ProfilerU.exe Saitek SST Profile Launcher (Not verified) Saitek 6.0.7.0 c:\program files\saitek\sd6\software\profileru.exe 12/07/2007 16:31 VT detection: Provider DLL failed to initialize correctly. SaiMfd C:\Program Files\Saitek\SD6\Software\SaiMfd.exe Saitek MFD File System Driver (Not verified) Saitek 6.0.7.0 c:\program files\saitek\sd6\software\saimfd.exe 12/07/2007 16:31 VT detection: Provider DLL failed to initialize correctly. Kernel and Hardware Abstraction Layer KHALMNPR.EXE Logitech KHAL Main Process (Not verified) Logitech, Inc. 4.60.42.0 c:\windows\khalmnpr.exe 29/02/2008 12:02 VT detection: Provider DLL failed to initialize correctly. Nvtmru "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" NVIDIA NvTmru Application (Not verified) NVIDIA Corporation 7.2.17.0 c:\program files (x86)\nvidia corporation\nvidia update core\nvtmru.exe 27/07/2013 10:24 VT detection: Provider DLL failed to initialize correctly. iTunesHelper "C:\Program Files\iTunes\iTunesHelper.exe" iTunesHelper (Not verified) Apple Inc. 12.1.2.27 c:\program files\itunes\ituneshelper.exe 7/04/2015 7:04 VT detection: Provider DLL failed to initialize correctly. MSC "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey Microsoft Security Client User Interface (Not verified) Microsoft Corporation 4.8.204.0 c:\program files\microsoft security client\msseces.exe 30/04/2015 10:43 VT detection: Provider DLL failed to initialize correctly. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run CertificateRegistration aetcrss1.exe Certificate Expiration Check Utility (Not verified) A.E.T. Europe B.V. 2.3.0.1422 c:\windows\syswow64\aetcrss1.exe 12/10/2006 14:10 VT detection: The handle is invalid. LogitechCommunicationsManager "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" Communications Manager (Verified) Logitech Inc 1.4.6.1211 c:\program files (x86)\common files\logishrd\lcommgr\communications_helper.exe 12/01/2007 13:06 VT detection: The handle is invalid. Adobe Reader Speed Launcher "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" Adobe Acrobat SpeedLauncher (Verified) Adobe Systems 8.0.0.0 c:\program files (x86)\adobe\reader 8.0\reader\reader_sl.exe 15/10/2008 11:04 VT detection: The handle is invalid. Adobe Acrobat Speed Launcher "F:\Adobe CS4 Master Collection\Acrobat 9.0\Acrobat\Acrobat_sl.exe" Adobe Acrobat SpeedLauncher (Verified) Adobe Systems 9.5.5.316 f:\adobe cs4 master collection\acrobat 9.0\acrobat\acrobat_sl.exe 8/05/2013 23:14 VT detection: The handle is invalid. Adobe_ID0ENQBO C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE Adobe Version Cue CS4 (Verified) Adobe Systems Incorporated 4.0.0.0 c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4tray.exe 5/06/2008 17:21 VT detection: The handle is invalid. Adobe ARM "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Adobe Reader and Acrobat Manager (Verified) Adobe Systems 1.7.4.0 c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe 4/04/2013 23:05 VT detection: The handle is invalid. SSDMonitor "C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" SSDMonit Application (Verified) PC Tools 11.0.0.277 c:\program files (x86)\common files\pc tools\smonitor\ssdmonitor.exe 25/10/2011 4:36 VT detection: The handle is invalid. ControlCenter3 "C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" /autorun ControlCenter Program (Not verified) Brother Industries, Ltd. 3.5.1.1 c:\program files (x86)\brother\controlcenter3\brctrcen.exe 21/12/2007 10:57 VT detection: The handle is invalid. SSBkgdUpdate "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot SSBkgdUpdate (Verified) Nuance Communications 5.2.0.0 c:\program files (x86)\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe 4/10/2006 15:49 VT detection: The handle is invalid. JMB36X IDE Setup C:\Windows\RaidTool\xInsIDE.exe c:\windows\raidtool\xinside.exe 20/03/2007 8:36 VT detection: The handle is invalid. SunJavaUpdateSched "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Java Update Scheduler (Verified) Oracle America 2.8.45.15 c:\program files (x86)\common files\java\java update\jusched.exe 30/04/2015 22:45 VT detection: The handle is invalid. QuickTime Task "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime QuickTime Task (Not verified) Apple Inc. 7.7.7.0 c:\program files (x86)\quicktime\qttask.exe 17/06/2015 9:10 VT detection: The handle is invalid. HKLM\SOFTWARE\Classes\Protocols\Handler cdl HKCR\CLSID\{3dd53d40-7b8b-11D0-b013-00aa0059ce02} OLE32 Extensions for Win32 (Not Verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\urlmon.dll 31/05/2015 2:42 VT detection: The handle is invalid. file HKCR\CLSID\{79eac9e7-baf9-11ce-8c82-00aa004ba90b} OLE32 Extensions for Win32 (Not Verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\urlmon.dll 31/05/2015 2:42 VT detection: The handle is invalid. ftp HKCR\CLSID\{79eac9e3-baf9-11ce-8c82-00aa004ba90b} OLE32 Extensions for Win32 (Not Verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\urlmon.dll 31/05/2015 2:42 VT detection: The handle is invalid. http HKCR\CLSID\{79eac9e2-baf9-11ce-8c82-00aa004ba90b} OLE32 Extensions for Win32 (Not Verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\urlmon.dll 31/05/2015 2:42 VT detection: The handle is invalid. https HKCR\CLSID\{79eac9e5-baf9-11ce-8c82-00aa004ba90b} OLE32 Extensions for Win32 (Not Verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\urlmon.dll 31/05/2015 2:42 VT detection: The handle is invalid. local HKCR\CLSID\{79eac9e7-baf9-11ce-8c82-00aa004ba90b} OLE32 Extensions for Win32 (Not Verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\urlmon.dll 31/05/2015 2:42 VT detection: The handle is invalid. mk HKCR\CLSID\{79eac9e6-baf9-11ce-8c82-00aa004ba90b} OLE32 Extensions for Win32 (Not Verified) Microsoft Corporation 9.0.8112.16659 c:\windows\system32\urlmon.dll 31/05/2015 2:42 VT detection: The handle is invalid. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup BrytonBridge2.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BrytonBridge2.lnk c:\program files (x86)\brytonbridge2\brytonbridge2.exe 3/03/2014 9:04 VT detection: The handle is invalid. Logitech Desktop Messenger.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk Logitech Desktop Messenger (Not verified) Logitech Inc. 2.52.21.16 c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe 14/11/2006 2:30 VT detection: The handle is invalid. Logitech SetPoint.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk Logitech SetPoint Event Manager (UNICODE) (Verified) Logitech 4.60.122.0 c:\program files\logitech\setpoint\setpoint.exe 2/05/2008 10:56 VT detection: The handle is invalid. HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components Browser Customizations "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Windows host process (Rundll32) (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\rundll32.exe 2/11/2006 11:33 VT detection: The handle is invalid. Windows Desktop Update regsvr32.exe /s /n /i:U shell32.dll Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. n/a C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install Windows host process (Rundll32) (Not verified) Microsoft Corporation 6.0.6000.16386 c:\windows\system32\rundll32.exe 2/11/2006 11:33 VT detection: The handle is invalid. HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components n/a C:\Windows\SysWOW64\regsvr32.exe /s C:\Windows\SysWOW64\aetsprov.dll Certificate store provider (Not verified) A.E.T. Europe B.V. 2.3.0.9 c:\windows\syswow64\aetsprov.dll 31/10/2006 16:13 VT detection: The handle is invalid. Windows Desktop Update regsvr32.exe /s /n /i:U shell32.dll Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. Google Chrome "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome Google Chrome Installer (Verified) Google Inc 43.0.2357.134 c:\program files (x86)\google\chrome\application\43.0.2357.134\installer\chrmstp.exe 13/07/2015 19:43 VT detection: The handle is invalid. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects PostBootReminder object HKCR\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. Windows Search Shell Service Object HKCR\CLSID\{DA67B8AD-E81B-4c70-9B91-B417B5E33527} Indexing Options (Not Verified) Microsoft Corporation 7.0.6002.18005 c:\windows\system32\srchadmin.dll 11/04/2009 9:10 VT detection: The handle is invalid. ShellFolder for CD Burning HKCR\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects PostBootReminder object HKCR\CLSID\{7849596a-48ea-486e-8937-a2a3009f31a9} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. ShellFolder for CD Burning HKCR\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Groove GFS Browser Helper HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. Google Toolbar Helper HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} Google Toolbar (Verified) Google Inc 7.5.6710.2136 c:\program files (x86)\google\google toolbar\googletoolbar_64.dll 10/07/2015 23:57 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects HP Print Enhancer HKCR\CLSID\{0347C33E-8762-4905-BF09-768834316C61} HP Smart Web Printing add-on for Internet Explorer (Verified) Hewlett-Packard Company 132.0.55458.0 c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll 14/10/2009 0:13 VT detection: The handle is invalid. Adobe PDF Reader Link Helper HKCR\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} Adobe PDF Helper for Internet Explorer (Verified) Adobe Systems 9.5.5.316 c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelper.dll 8/05/2013 11:58 VT detection: The handle is invalid. ContributeBHO Class HKCR\CLSID\{074C1DC5-9320-4A9A-947D-C042949C6216} Contribute IE Plugin (Verified) Adobe Systems Incorporated 1.0.0.0 f:\adobe cs4 master collection\/adobe contribute cs4/contributeieplugin.dll 9/09/2008 21:35 VT detection: The handle is invalid. Adobe PDF Link Helper HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} Adobe PDF Helper for Internet Explorer (Verified) Adobe Systems 9.5.5.316 c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll 8/05/2013 11:58 VT detection: The handle is invalid. RealPlayer Download and Record Plugin for Internet Explorer HKCR\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} RealPlayer Download and Record Plugin (Verified) RealNetworks 15.0.5.109 c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll 21/06/2012 21:03 VT detection: The handle is invalid. Java(tm) Plug-In SSV Helper HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Java(TM) Platform SE binary (Verified) Oracle America 11.45.2.15 c:\program files (x86)\java\jre1.8.0_45\bin\ssv.dll 30/04/2015 21:58 VT detection: The handle is invalid. Evernote extension HKCR\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E} Evernote Clipper for Microsoft Internet Explorer (Verified) EVERNOTE CORPORATION 5.2.0.2946 c:\program files (x86)\evernote\evernote\evernoteie.dll 3/03/2014 19:39 VT detection: The handle is invalid. Google Toolbar Helper HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} Google Toolbar (Verified) Google Inc 7.5.6710.2136 c:\program files (x86)\google\google toolbar\googletoolbar_32.dll 11/07/2015 0:14 VT detection: The handle is invalid. Adobe PDF Conversion Toolbar Helper HKCR\CLSID\{AE7CD045-E861-484f-8273-0445EE161910} Adobe PDF Toolbar for Internet Explorer (Verified) Adobe Systems 9.5.5.316 c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll 8/05/2013 12:09 VT detection: The handle is invalid. Java(tm) Plug-In 2 SSV Helper HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Java(TM) Platform SE binary (Verified) Oracle America 11.45.2.15 c:\program files (x86)\java\jre1.8.0_45\bin\jp2ssv.dll 30/04/2015 21:59 VT detection: The handle is invalid. SmartSelect Class HKCR\CLSID\{F4971EE7-DAA0-4053-9964-665D8EE6A077} Adobe PDF Toolbar for Internet Explorer (Verified) Adobe Systems 9.5.5.316 c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll 8/05/2013 12:09 VT detection: The handle is invalid. HP Smart BHO Class HKCR\CLSID\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} HP Smart Web Printing add-on for Internet Explorer (Verified) Hewlett-Packard Company 132.0.55458.0 c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll 14/10/2009 0:13 VT detection: The handle is invalid. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks Groove GFS Stub Execution Hook HKCR\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers 7-Zip HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000} 7-Zip Shell Extension (Not verified) Igor Pavlov 4.65.0.0 c:\program files\7-zip\7-zip.dll 3/02/2009 9:10 VT detection: The handle is invalid. Adobe.Acrobat.ContextMenu HKCR\CLSID\{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} Adobe Acrobat Context Menu (Verified) Adobe Systems 9.5.5.316 f:\adobe cs4 master collection\acrobat 9.0\acrobat elements\contextmenu64.dll 8/05/2013 12:53 VT detection: The handle is invalid. LavasoftShellExt HKCR\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll MagicISO HKCR\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A} MagicISO Shell Extension Module (Not verified) MagicISO, Inc. 5.3.0.198 c:\program files (x86)\magiciso\misosh64.dll 22/05/2008 17:25 VT detection: The handle is invalid. Open With HKCR\CLSID\{09799AFB-AD67-11d1-ABCD-00C04FC30936} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. Open With EncryptionMenu HKCR\CLSID\{A470F8CF-A1E8-4f65-8335-227475AA5C46} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. SmartFTP HKCR\CLSID\{F87DED31-303F-4ED1-9BCE-D360FBC74E0A} SmartFTP Shell Tools (Verified) SmartSoft Ltd 1.0.24.0 f:\smartftp client\sfshelltools.dll 20/08/2010 3:04 VT detection: The handle is invalid. WinZip HKCR\CLSID\{E0D79304-84BE-11CE-9641-444553540000} WinZip Shell Extension DLL (Verified) WinZip Computing 4.1.0.0 c:\program files (x86)\winzip\wzshls64.dll 8/09/2008 22:08 VT detection: The handle is invalid. XXX Groove GFS Context Menu Handler XXX HKCR\CLSID\{6C467336-8281-4E60-8204-430CED96822D} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. Start Menu Pin HKCR\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers 7-Zip HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000} 7-Zip Shell Extension (Not verified) Igor Pavlov 9.20.0.0 c:\program files (x86)\7-zip\7-zip.dll 18/11/2010 18:08 VT detection: The handle is invalid. Adobe.Acrobat.ContextMenu HKCR\CLSID\{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} Adobe Acrobat Context Menu (Verified) Adobe Systems 9.5.5.316 f:\adobe cs4 master collection\acrobat 9.0\acrobat elements\contextmenu.dll 8/05/2013 13:08 VT detection: The handle is invalid. Open With HKCR\CLSID\{09799AFB-AD67-11d1-ABCD-00C04FC30936} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. Open With EncryptionMenu HKCR\CLSID\{A470F8CF-A1E8-4f65-8335-227475AA5C46} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. Start Menu Pin HKCR\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. NBShellHook Class HKCR\CLSID\{A4FD8DDB-5800-4414-97F9-7457AC8EE4F0} Nero BackItUp (Verified) Nero AG 5.4.19.100 f:\nero 10\nero backitup\nbshell.dll 26/03/2010 5:59 VT detection: The handle is invalid. NeroShellExt Class HKCR\CLSID\{F764812A-132C-4013-9960-5CBBEB408A0E} Nero Burning ROM Shell Extension (Verified) Nero AG 10.0.10.100 c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll 18/03/2010 18:08 VT detection: The handle is invalid. HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers LavasoftShellExt HKCR\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll Adobe Drive CS4 HKCR\CLSID\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} Adobe Drive Menu (Verified) Adobe Systems Incorporated 4.0.1.95 c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll 11/03/2009 22:35 VT detection: The handle is invalid. ShellFolder for CD Burning HKCR\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Drive\ShellEx\ContextMenuHandlers Adobe Drive CS4 HKCR\CLSID\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} Adobe Drive Menu (Verified) Adobe Systems Incorporated 4.0.1.95 c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll 11/03/2009 22:17 VT detection: The handle is invalid. NeroShellExt Class HKCR\CLSID\{F764812A-132C-4013-9960-5CBBEB408A0E} Nero Burning ROM Shell Extension (Verified) Nero AG 10.0.10.100 c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll 18/03/2010 18:08 VT detection: The handle is invalid. ShellFolder for CD Burning HKCR\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers Summary Properties Page HKCR\CLSID\{883373C3-BF89-11D1-BE35-080036B11A03} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\*\ShellEx\PropertySheetHandlers Summary Properties Page HKCR\CLSID\{883373C3-BF89-11D1-BE35-080036B11A03} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers CopyAsPathMenu HKCR\CLSID\{f3d06e7c-1e45-4a26-847e-f9fcdee59be0} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. Send To HKCR\CLSID\{7BA4C740-9E81-11CF-99D3-00AA004AE837} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. XXX Groove GFS Context Menu Handler XXX HKCR\CLSID\{6C467336-8281-4E60-8204-430CED96822D} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. Adobe Drive CS4 HKCR\CLSID\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} Adobe Drive Menu (Verified) Adobe Systems Incorporated 4.0.1.95 c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll 11/03/2009 22:35 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers CopyAsPathMenu HKCR\CLSID\{f3d06e7c-1e45-4a26-847e-f9fcdee59be0} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. Send To HKCR\CLSID\{7BA4C740-9E81-11CF-99D3-00AA004AE837} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. Adobe Drive CS4 HKCR\CLSID\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} Adobe Drive Menu (Verified) Adobe Systems Incorporated 4.0.1.95 c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll 11/03/2009 22:17 VT detection: The handle is invalid. HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers 7-Zip HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000} 7-Zip Shell Extension (Not Verified) Igor Pavlov 4.65.0.0 c:\program files\7-zip\7-zip.dll 3/02/2009 9:10 VT detection: The handle is invalid. EncryptionMenu HKCR\CLSID\{A470F8CF-A1E8-4f65-8335-227475AA5C46} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. MagicISO HKCR\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A} MagicISO Shell Extension Module (Not Verified) MagicISO, Inc. 5.3.0.198 c:\program files (x86)\magiciso\misosh64.dll 22/05/2008 17:25 VT detection: The handle is invalid. SmartFTP HKCR\CLSID\{F87DED31-303F-4ED1-9BCE-D360FBC74E0A} SmartFTP Shell Tools (Verified) SmartSoft Ltd 1.0.24.0 f:\smartftp client\sfshelltools.dll 20/08/2010 3:04 VT detection: The handle is invalid. WinZip HKCR\CLSID\{E0D79304-84BE-11CE-9641-444553540000} WinZip Shell Extension DLL (Verified) WinZip Computing 4.1.0.0 c:\program files (x86)\winzip\wzshls64.dll 8/09/2008 22:08 VT detection: The handle is invalid. XXX Groove GFS Context Menu Handler XXX HKCR\CLSID\{6C467336-8281-4E60-8204-430CED96822D} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers 7-Zip HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000} 7-Zip Shell Extension (Not Verified) Igor Pavlov 9.20.0.0 c:\program files (x86)\7-zip\7-zip.dll 18/11/2010 18:08 VT detection: The handle is invalid. EncryptionMenu HKCR\CLSID\{A470F8CF-A1E8-4f65-8335-227475AA5C46} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. NeroShellExt Class HKCR\CLSID\{F764812A-132C-4013-9960-5CBBEB408A0E} Nero Burning ROM Shell Extension (Verified) Nero AG 10.0.10.100 c:\program files (x86)\common files\nero\neroshellext\neroshellext.dll 18/03/2010 18:08 VT detection: The handle is invalid. HKLM\Software\Classes\Directory\Shellex\DragDropHandlers 7-Zip HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000} 7-Zip Shell Extension (Not Verified) Igor Pavlov 4.65.0.0 c:\program files\7-zip\7-zip.dll 3/02/2009 9:10 VT detection: The handle is invalid. SmartFTP Drop Handler HKCR\CLSID\{2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} SmartFTP Shell Tools (Verified) SmartSoft Ltd 1.0.24.0 f:\smartftp client\sfshelltools.dll 20/08/2010 3:04 VT detection: The handle is invalid. WinZip HKCR\CLSID\{E0D79305-84BE-11CE-9641-444553540000} WinZip Shell Extension DLL (Verified) WinZip Computing 4.1.0.0 c:\program files (x86)\winzip\wzshls64.dll 8/09/2008 22:08 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers 7-Zip HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000} 7-Zip Shell Extension (Not Verified) Igor Pavlov 9.20.0.0 c:\program files (x86)\7-zip\7-zip.dll 18/11/2010 18:08 VT detection: The handle is invalid. HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers Folder Customization Tab HKCR\CLSID\{ef43ecfe-2ab9-4632-bf21-58909dd177f0} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Directory\Shellex\PropertySheetHandlers Folder Customization Tab HKCR\CLSID\{ef43ecfe-2ab9-4632-bf21-58909dd177f0} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers FileSystem HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. FileZilla3CopyHook HKCR\CLSID\{DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} fzshellext Dynamic Link Library 3.2.7.0 c:\program files (x86)\filezilla ftp client\fzshellext_64.dll 1/08/2009 12:34 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers FileSystem HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. FileZilla3CopyHook HKCR\CLSID\{DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} fzshellext Dynamic Link Library 3.7.3.0 c:\program files (x86)\filezilla ftp client\fzshellext.dll 7/08/2013 21:25 VT detection: The handle is invalid. HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers New HKCR\CLSID\{D969A300-E7FF-11d0-A93B-00A0C90F2719} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\system32\shell32.dll 18/02/2015 3:42 VT detection: The handle is invalid. NvCplDesktopContext HKCR\CLSID\{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} NVIDIA Display Shell Extension (Verified) NVIDIA Corporation 1.2.0.1 c:\windows\system32\nvshext.dll 21/06/2013 11:22 VT detection: The handle is invalid. XXX Groove GFS Context Menu Handler XXX HKCR\CLSID\{6C467336-8281-4E60-8204-430CED96822D} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. Adobe Drive CS4 HKCR\CLSID\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} Adobe Drive Menu (Verified) Adobe Systems Incorporated 4.0.1.95 c:\program files\common files\adobe\adobe drive cs4\adfsmenu.dll 11/03/2009 22:35 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers New HKCR\CLSID\{D969A300-E7FF-11d0-A93B-00A0C90F2719} Windows Shell Common Dll (Not Verified) Microsoft Corporation 6.0.6002.19322 c:\windows\syswow64\shell32.dll 18/02/2015 4:02 VT detection: The handle is invalid. Adobe Drive CS4 HKCR\CLSID\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795} Adobe Drive Menu (Verified) Adobe Systems Incorporated 4.0.1.95 c:\program files (x86)\common files\adobe\adobe drive cs4\adfsmenu.dll 11/03/2009 22:17 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers PDF Shell Extension HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} PDF Shell Extension (Verified) Adobe Systems 9.5.5.316 c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll 8/05/2013 12:17 VT detection: The handle is invalid. HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers Adobe.Acrobat.ContextMenu HKCR\CLSID\{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} Adobe Acrobat Context Menu (Verified) Adobe Systems 9.5.5.316 f:\adobe cs4 master collection\acrobat 9.0\acrobat elements\contextmenu64.dll 8/05/2013 12:53 VT detection: The handle is invalid. LavasoftShellExt HKCR\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll MagicISO HKCR\CLSID\{DB85C504-C730-49DD-BEC1-7B39C6103B7A} MagicISO Shell Extension Module (Not Verified) MagicISO, Inc. 5.3.0.198 c:\program files (x86)\magiciso\misosh64.dll 22/05/2008 17:25 VT detection: The handle is invalid. RUShellExt HKCR\CLSID\{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} Revo Uninstaller Pro Extension (Verified) VS Revo Group 1.0.0.3 f:\revo uninstaller pro\ruext.dll 7/12/2012 13:55 VT detection: The handle is invalid. WinZip HKCR\CLSID\{E0D79304-84BE-11CE-9641-444553540000} WinZip Shell Extension DLL (Verified) WinZip Computing 4.1.0.0 c:\program files (x86)\winzip\wzshls64.dll 8/09/2008 22:08 VT detection: The handle is invalid. XXX Groove GFS Context Menu Handler XXX HKCR\CLSID\{6C467336-8281-4E60-8204-430CED96822D} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers Adobe.Acrobat.ContextMenu HKCR\CLSID\{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} Adobe Acrobat Context Menu (Verified) Adobe Systems 9.5.5.316 f:\adobe cs4 master collection\acrobat 9.0\acrobat elements\contextmenu.dll 8/05/2013 13:08 VT detection: The handle is invalid. NBShellHook Class HKCR\CLSID\{A4FD8DDB-5800-4414-97F9-7457AC8EE4F0} Nero BackItUp (Verified) Nero AG 5.4.19.100 f:\nero 10\nero backitup\nbshell.dll 26/03/2010 5:59 VT detection: The handle is invalid. HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers SmartFTP Drop Handler HKCR\CLSID\{2ED7FD81-CBA6-45E5-A49A-5E84889A94E2} SmartFTP Shell Tools (Verified) SmartSoft Ltd 1.0.24.0 f:\smartftp client\sfshelltools.dll 20/08/2010 3:04 VT detection: The handle is invalid. WinZip HKCR\CLSID\{E0D79305-84BE-11CE-9641-444553540000} WinZip Shell Extension DLL (Verified) WinZip Computing 4.1.0.0 c:\program files (x86)\winzip\wzshls64.dll 8/09/2008 22:08 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers NBShellHook HKCR\CLSID\{A4FD8DDB-5800-4414-97F9-7457AC8EE4F0} Nero BackItUp (Verified) Nero AG 5.4.19.100 f:\nero 10\nero backitup\nbshell.dll 26/03/2010 5:59 VT detection: The handle is invalid. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers Groove Explorer Icon Overlay 1 (GFS Unread Stub) HKCR\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. Groove Explorer Icon Overlay 2 (GFS Stub) HKCR\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) HKCR\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. Groove Explorer Icon Overlay 3 (GFS Folder) HKCR\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. Groove Explorer Icon Overlay 4 (GFS Unread Mark) HKCR\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} Microsoft SharePoint Workspace Extensions (Not Verified) Microsoft Corporation 14.0.4734.1000 c:\program files\microsoft office\office14\grooveex.dll 22/01/2010 4:10 VT detection: The handle is invalid. SmartFTP Drop HKCR\CLSID\{EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} SmartFTP Shell Tools (Verified) SmartSoft Ltd 1.0.24.0 f:\smartftp client\sfshelltools.dll 20/08/2010 3:04 VT detection: The handle is invalid. HKLM\Software\Microsoft\Internet Explorer\Toolbar Google Toolbar HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} Google Toolbar (Verified) Google Inc 7.5.6710.2136 c:\program files (x86)\google\google toolbar\googletoolbar_64.dll 10/07/2015 23:57 VT detection: The handle is invalid. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar Adobe PDF HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} Adobe PDF Toolbar for Internet Explorer (Verified) Adobe Systems 9.5.5.316 c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll 8/05/2013 12:09 VT detection: The handle is invalid. Google Toolbar HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} Google Toolbar (Verified) Google Inc 7.5.6710.2136 c:\program files (x86)\google\google toolbar\googletoolbar_32.dll 11/07/2015 0:14 VT detection: The handle is invalid. HKLM\Software\Microsoft\Internet Explorer\Extensions Add to Evernote 5 AddNote.html File not found: AddNote.html HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions Add to Evernote 5 C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html c:\program files (x86)\evernote\evernote\evernoteieres\addnote.html 24/02/2014 17:55 VT detection: The handle is invalid. Toon of verberg HP Smart Web Printing C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll HP Smart Web Printing add-on for Internet Explorer (Verified) Hewlett-Packard Company 132.0.55458.0 c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll 14/10/2009 0:13 VT detection: The handle is invalid. C:\Users\Zakelijk - Estate Pl\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Calendar C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget Browse the days of the calendar. (Not Verified) Microsoft Corporation C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml 2/10/2012 17:17 VT detection: The handle is invalid. Clock C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget Watch the clock in your own time zone or any city in the world. (Not Verified) Microsoft Corporation C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml 2/10/2012 17:17 VT detection: The handle is invalid. Weather C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget See what the weather looks like around the world. (Not Verified) Microsoft Corporation C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml 2/10/2012 17:17 VT detection: The handle is invalid. HKCU\Software\Microsoft\Office\Outlook\Addins [DISABLED] {5B7AB748-6D2E-4827-90A5-32B426DC61B7} HKCR\CLSID\{5B7AB748-6D2E-4827-90A5-32B426DC61B7} VT detection: The system cannot find the path specified. {764902B9-26D2-4FD7-978D-DF5107717D01} HKCR\CLSID\{764902B9-26D2-4FD7-978D-DF5107717D01} VT detection: The system cannot find the path specified. {EFEF7FDB-0CED-4FB6-B3BB-3C50D39F4120} HKCR\CLSID\{EFEF7FDB-0CED-4FB6-B3BB-3C50D39F4120} VT detection: The system cannot find the path specified. {BD6BEEE8-64CE-4814-B319-990645883E89} HKCR\CLSID\{BD6BEEE8-64CE-4814-B319-990645883E89} VT detection: The system cannot find the path specified. FormRegionAddin Class HKCR\CLSID\{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3} VT detection: The system cannot find the path specified. HKCU\Software\Microsoft\Office\Excel\Addins {9155B148-95E7-4282-884A-1F086FE6FE5D} HKCR\CLSID\{9155B148-95E7-4282-884A-1F086FE6FE5D} VT detection: The system cannot find the path specified. HKCU\Software\Microsoft\Office\PowerPoint\Addins [DISABLED] OneNote PowerPoint Add-In Take Notes Content Service Class HKCR\CLSID\{3A7CAEBB-C5C3-4EFF-ADDF-C32663BDF8DA} VT detection: The system cannot find the path specified. HKCU\Software\Microsoft\Office\Word\Addins [DISABLED] {9155B148-95E7-4282-884A-1F086FE6FE5D} HKCR\CLSID\{9155B148-95E7-4282-884A-1F086FE6FE5D} VT detection: The system cannot find the path specified. [DISABLED] {CCFA3D3B-C317-455C-9292-960F81287088} HKCR\CLSID\{CCFA3D3B-C317-455C-9292-960F81287088} VT detection: The system cannot find the path specified. [DISABLED] OneNote Word Add-In Take Notes Content Service Class HKCR\CLSID\{C580A1B2-5915-4DC3-BE93-8A51F4CAB320} VT detection: The system cannot find the path specified. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run swg "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" GoogleToolbarNotifier (Verified) Google Inc 4.1.509.1944 c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe 12/05/2008 20:14 VT detection: The handle is invalid. ABIT uGuruIII F:\U-ABIT\uGuru\LaunchuGuru.exe f:\u-abit\uguru\launchuguru.exe 9/02/2007 10:05 VT detection: The handle is invalid. Hobbyist Software VLC Streamer "F:\VLC Streamer\VLC Streamer Configuration.exe" /startup VLC Streamer Configuration (Verified) Hobbyist Software 5.4.0.0 f:\vlc streamer\vlc streamer configuration.exe 21/04/2015 23:01 VT detection: The handle is invalid. Spotify Web Helper "C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Spotify\SpotifyWebHelper.exe" SpotifyWebHelper (Verified) Spotify AB 1.0.9.133 c:\users\zakelijk - estate pl\appdata\roaming\spotify\spotifywebhelper.exe 3/07/2015 11:39 VT detection: The handle is invalid. Spotify "C:\users\frederic\AppData\Roaming\Spotify\spotify.exe" -autostart -minimized Spotify (Verified) Spotify AB 1.0.1.1060 c:\users\frederic\appdata\roaming\spotify\spotify.exe 26/02/2015 17:16 VT detection: The handle is invalid. Dropbox Update "C:\Users\Zakelijk - Estate Pl\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c Dropbox Update (Verified) Dropbox 1.3.27.7 c:\users\zakelijk - estate pl\appdata\local\dropbox\update\dropboxupdate.exe 30/04/2015 22:41 VT detection: The handle is invalid. Web Companion C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize File not found: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize.exe C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk Dropbox (Verified) Dropbox 3.6.9.0 c:\users\zakelijk - estate pl\appdata\roaming\dropbox\bin\dropbox.exe 19/03/2015 9:13 VT detection: The handle is invalid. ==== C:\zoek_backup content ====================== C:\zoek_backup (files=290 folders=149 69490838 bytes) ==== EOF on ma 20/07/2015 at 15:09:33.21 ======================