Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015 Ran by Gebruiker at 2015-01-09 18:54:19 Running from E:\wvh\Downloads\ZOEK.exe\Farbar recovery scan Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) 8Smoker Pro 1.0 (HKLM\...\8Smoker Pro_is1) (Version: 1.0 - WareSoft Software) Aangifte inkomstenbelasting 2012 (HKLM\...\Aangifte inkomstenbelasting 2012) (Version: - Belastingdienst) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated) AIO_CDA_ProductContext (Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDA_Software (Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (Version: 130.0.421.000 - Hewlett-Packard) Hidden AllShare Framework DMS (HKLM\...\{2A21F7DB-5C48-4B5A-94BE-C6EADCD2ABC5}) (Version: 1.3.06 - Samsung) AllShare Play 1.5.0.1302211905 (HKLM\...\8474-7877-9059-0204) (Version: 1.5.0.1302211905 - Copyright 2013 SAMSUNG) Assessments on Client (Version: 8.100.26866 - Microsoft) Hidden Bridge Office Resultaten 5.4.11 (HKLM\...\Bridge Office Resultaten 5.4.11) (Version: - ) BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden C5100 (Version: 140.0.425.000 - Hewlett-Packard) Hidden c5100_Help (Version: 82.0.256.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP) Classic Shell (HKLM\...\{E0E49E80-19DE-43FE-BFF2-8C58DDF3C7F9}) (Version: 4.1.0 - IvoSoft) Clean Master (HKLM\...\Clean Master) (Version: 1.0 - Cheetah Mobile) Cloudfogger (HKLM\...\{E5A0D9A8-3711-4DB2-833C-FF79EF65830D}_is1) (Version: 1.4.2143.0 - Cloudfogger GmbH) Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.4707 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (Version: 140.0.185.000 - Hewlett-Packard) Hidden Download & Installeer Packages (HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Download & Installeer Packages) (Version: - ) <==== ATTENTION Driver Booster (HKLM\...\Driver Booster_is1) (Version: 1.4 - IObit) Dropbox (HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) ECOhome 2010a (HKLM\...\{58ED3EC1-7333-4767-8B39-61CA352AF56E}_is1) (Version: - nibfo) Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd.) Fax (Version: 140.0.307.000 - Hewlett-Packard) Hidden Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.1.32.905 - Foxit Software Inc.) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.) Free OCR to Word 5.3.5 (HKLM\...\Free OCR to Word_is1) (Version: - FreeOCRtoWord, Inc.) Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) FreeCommander XE (HKLM\...\FreeCommander XE_is1) (Version: Preview - Marek Jasinski) Freemake Video Converter versie 4.1.5 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation) FreeSizer v.1.0.0 (HKLM\...\{B0C5249A-E603-450A-B19A-D9989D24C855}}_is1) (Version: 1.0.0 - WinBit Software) GemistDownloader (HKLM\...\GemistDownloader) (Version: 2.8.1.7 - Wietze Beukema (HelpdeskWeb.nl)) Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden Heimdal (HKLM\...\Heimdal) (Version: 1.10.3.686 - CSIS Security Group) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart 6520 series Basissoftware van het apparaat (HKLM\...\{25AA0016-177E-4D2C-89F4-F8B8563DE3B9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden Intel(R) Update Manager (HKLM\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel® SSD Toolbox (HKLM\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.2.3.400 - Intel Corporation) IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.1.5.30 - IObit) Jasc Paint Shop Pro 8 (HKLM\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.00.0000 - Jasc Software Inc) JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.67.0 - JMicron Technology Corp.) KeePass Password Safe 2.28 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl) Kits Configuration Installer (Version: 8.100.25984 - Microsoft) Hidden LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd) Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.) Macrium Reflect Free Edition (Version: 5.2.6462 - Paramount Software (UK) Ltd.) Hidden Malwarebytes Anti-Malware versie 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - nl-nl (HKLM\...\ProPlusRetail - nl-nl) (Version: 15.0.4454.1004 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Network (Version: 140.0.306.000 - Hewlett-Packard) Hidden NVIDIA HD Audio-stuurprogramma 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden OPSWAT GEARS Uninstall (only) (HKLM\...\OPSWAT Gears) (Version: 7.2.86.0 - OPSWAT, Inc.) Photo Story 3 voor Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Rapport (Version: 3.5.1404.37 - Trusteer) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Saladin 0.6 (HKLM\...\Saladin) (Version: 0.6 - Michał Męciński) Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden Seagate Dashboard (HKLM\...\{F1D8690F-06B3-4100-9949-398EA253AC61}) (Version: 3.2.1802.2 - Seagate) Search Protection (HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Search Protection) (Version: 10.7.0.1 - Spigot, Inc.) <==== ATTENTION SlimCleaner (HKLM\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.) SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.16.201411190934 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.236 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony) Start Menu Reviver (HKLM\...\Start Menu Reviver) (Version: 2.5.0.18 - ReviverSoft) Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden Toolkit Documentation (Version: 8.100.26866 - Microsoft) Hidden Toolwiz TimeFreeze (HKLM\...\Toolwiz TimeFreeze) (Version: 1.9.5.0 - Toolwiz TimeFreeze Installer) TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden Trusteer Eindpuntbeveiliging (HKLM\...\Rapport_msi) (Version: 3.5.1404.37 - Trusteer) USB Video/Audio Device Driver (HKLM\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Uw bedrijfsnaam) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Vista Shortcut Manager (HKLM\...\{47609E69-4C5E-48B1-A889-24C6B82B5C04}) (Version: 2.0 - Frameworkx) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) VSO Video Converter 1 (HKLM\...\{{5289246A-D537-4823-88C2-38C17840E45A}_is1) (Version: 1.5.0.10 - VSO Software) WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows 7 downloadprogramma voor USB/DVD (HKLM\...\{4CF91994-B6A2-4E6F-BC39-39390CFE41DF}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WPT Redistributables (Version: 8.100.26866 - Microsoft) Hidden WPTx86 (Version: 8.100.26837 - Microsoft) Hidden Ziggo Internetbeveiliging (HKLM\...\F-Secure ServiceEnabler 45123) (Version: 1.71.340.0 - F-Secure Corporation) Ziggo Internetbeveiliging (Version: 1.71.340.0 - F-Secure Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\FileSyncApi.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-235396244-3051213757-2033591465-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 22-12-2014 16:37:31 Windows Update 03-01-2015 16:10:32 Windows Update 05-01-2015 15:11:56 Installed Rapport 07-01-2015 19:35:09 zoek.exe restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03AB9633-6681-4A29-B13B-0B2D0A8400EF} - System32\Tasks\ReviverSoft Start Menu Run once task => C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe [2014-09-17] (ReviverSoft) Task: {06D2042F-AB48-4AC9-8232-520B1086A13E} - System32\Tasks\SlimCleaner Run => C:\Program Files\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.) Task: {0B656DE8-C56F-4D97-B803-590C89F58CA5} - System32\Tasks\Microsoft Office 15 Sync Maintenance for GEBRUIK-W9RJQI2-Gebruiker GEBRUIK-W9RJQI2 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2013-01-31] (Microsoft Corporation) Task: {0E2C8F6D-D9CB-46A9-8AF0-2FBB5C282A47} - System32\Tasks\Seagate_Install_Launch => C:\Program Files\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-09-17] (Seagate Technology LLC) Task: {102E2A01-1A00-499A-8B54-0576A2CE472F} - System32\Tasks\Gebruiker DBAgent 2 0 => C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-09-17] (Seagate Technology LLC) Task: {1F3F5C15-8734-47D0-A02A-C0864DD99972} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe Task: {284D1F2E-FAFB-48E7-837D-21AE88B63FA3} - \Driver Booster SkipUAC (Gebruiker) No Task File <==== ATTENTION Task: {513D58B7-38CD-4E8B-AA96-593AC5AC6936} - \Driver Booster Startup No Task File <==== ATTENTION Task: {67292150-BC64-49CC-B5AE-983A958A167D} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-18] (IObit) Task: {73D87C15-222E-4E90-8B95-701BB13AE4EC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {8516B002-D5F6-4D42-831C-04D65B071E39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-27] (Google Inc.) Task: {886D53D2-742D-4156-A2A2-A9B9350B8EB4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {8DB50938-85F6-4353-8228-55694BE7D655} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd) Task: {8FE7CEA1-286B-4856-89E8-9F8012FBB4AD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-14] (Microsoft Corporation) Task: {92BFE84D-FC51-4C95-8F6E-DB999A7A8D24} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-01-31] (Microsoft Corporation) Task: {9D86CDD8-B59E-4862-AA09-E251BC56FD2F} - System32\Tasks\{9525A1E1-3B21-459E-9A38-7D6110BC21E9} => pcalua.exe -a C:\Users\Gebruiker\Downloads\RapportSetup.exe -d C:\Users\Gebruiker\Downloads Task: {A5638D85-61BA-46F8-AFF8-22D7F0865310} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: {A7DCC9CE-51BD-4FC6-B6B7-00F733FFDF4D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {B1039E66-FF5E-464B-8614-78EAA67CDF3F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-01-31] (Microsoft Corporation) Task: {D420A2C0-5F43-4CAE-BFAD-3B3C2BC49801} - System32\Tasks\{FE803910-E5B6-4697-AF53-DCC5BAE4215F} => pcalua.exe -a C:\Users\Gebruiker\Downloads\RpprtSetup.exe -d C:\Users\Gebruiker\Downloads Task: {DC46A9F9-D619-4F8F-A60C-870A9220A2BD} - System32\Tasks\{F96B317C-865D-4F21-86E8-0CC63FAB6E37} => pcalua.exe -a M:\WinZip\WINZIP32.EXE -d M:\WinZip Task: {E039DAC6-18CD-4E6B-8FBC-9FB3CCD06419} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-27] (Google Inc.) Task: {E1364808-6834-4129-8EFD-D21DA2247D32} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-235396244-3051213757-2033591465-1000 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe Task: {E43C3D57-F8A3-4889-AD37-E51D1F8BB77A} - System32\Tasks\{45006DBC-FE6A-4A1D-902B-B94DB8777EB0} => pcalua.exe -a "C:\Program Files\DownloadManager\JDUninstall.exe" Task: {EF792C77-BB42-4C41-B39D-01EEF89849A8} - System32\Tasks\Uninstaller_SkipUac_Gebruiker => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-18] (IObit) Task: {F311213E-5D9E-4E84-8565-DD59EB452D1D} - System32\Tasks\Gebruiker1 Merge => C:\Program Files\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-09-17] (Seagate Technology LLC) Task: {F6D5E009-9A11-4965-82FD-A319E29D66C8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Gebruiker.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-22 21:41 - 2014-05-20 01:04 - 00106840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2014-09-22 11:49 - 2014-09-22 11:49 - 00024064 _____ () C:\WINDOWS\System32\ssj2mlm.dll 2012-10-22 16:55 - 2012-10-22 16:55 - 01113600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DMSManager.dll 2012-08-21 11:25 - 2012-08-21 11:25 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_serialization-vc90-mt-1_47.dll 2012-08-21 11:26 - 2012-08-21 11:26 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_date_time-vc90-mt-1_47.dll 2012-08-21 11:25 - 2012-08-21 11:25 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_system-vc90-mt-1_47.dll 2012-08-21 11:26 - 2012-08-21 11:26 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\boost_thread-vc90-mt-1_47.dll 2012-10-05 17:27 - 2012-10-05 17:27 - 00704000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ContentDirectoryPresenter.dll 2012-08-21 19:06 - 2012-08-21 19:06 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DCMCDP.dll 2012-08-21 19:06 - 2012-08-21 19:06 - 00101376 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\FolderCDP.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\Autobackup.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\RosettaAllShare.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\MetadataFramework.dll 2012-08-14 11:13 - 2012-08-14 11:13 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\sqlite3.dll 2012-08-14 11:13 - 2012-08-14 11:13 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\MoodExtractor.dll 2012-08-14 11:43 - 2012-08-14 11:43 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\DCMImgExtractor.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AutoChaptering.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AudioExtractor.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoExtractor.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ImageExtractor.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\TextExtractor.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libexpat.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoThumb.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00063488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ID3Driver.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\RichInfoDriver.dll 2012-10-22 16:55 - 2012-10-22 16:55 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ThumbnailMaker.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00133120 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\VideoMetadataDriver.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\SECMetaDriver.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\photoDriver.dll 2012-08-14 11:43 - 2012-08-14 11:43 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avcodec-52.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avformat-52.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\avutil-50.dll 2012-08-14 11:43 - 2012-08-14 11:43 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\swscale-0.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\tag.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libThumbnail.dll 2012-10-22 16:55 - 2012-10-22 16:55 - 01033216 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\ImageMagickWrapper.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libKeyFrame.dll 2012-08-14 11:43 - 2012-08-14 11:43 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\libexif-12.dll.dll 2012-08-14 11:42 - 2012-08-14 11:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\us.dll 2013-01-24 18:47 - 2012-11-10 10:20 - 00308288 _____ () C:\Program Files\Microsoft Office 15\ClientX86\c2rui.dll 2013-01-24 18:47 - 2012-11-23 17:35 - 00354368 _____ () C:\Program Files\Microsoft Office 15\ClientX86\c2r32.dll 2013-01-24 18:47 - 2012-11-10 10:20 - 00404032 _____ () C:\Program Files\Microsoft Office 15\ClientX86\StreamServer.dll 2014-05-27 12:32 - 2010-08-19 16:43 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe 2014-05-27 11:52 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll 2014-05-27 11:52 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-05-27 11:52 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl 2014-05-27 11:52 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-05-27 11:52 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-12-10 10:22 - 2014-12-10 10:22 - 00705856 _____ () C:\Program Files\OPSWAT\OnDemand\ondemands\oesis\libwaadbrowser.dll 2014-01-23 16:54 - 2014-01-23 16:54 - 00593464 _____ () C:\WINDOWS\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll 2015-01-08 17:18 - 2014-12-31 04:43 - 00110912 _____ () C:\Program Files\OPSWAT\GEARS Client\dash.DLL 2015-01-08 17:18 - 2014-12-31 04:43 - 00068416 _____ () C:\Program Files\OPSWAT\GEARS Client\metascan.DLL 2015-01-08 17:18 - 2014-12-31 04:43 - 00068928 _____ () C:\Program Files\OPSWAT\GEARS Client\sessionshield.DLL 2014-05-26 19:29 - 2013-02-25 15:36 - 00054608 _____ () C:\Program Files\Cloudfogger\CfInstall.dll 2014-05-26 19:29 - 2012-11-16 10:31 - 00055296 _____ () C:\Program Files\Cloudfogger\CrashRpt1300.dll 2014-09-13 17:45 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll 2014-09-13 17:45 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll 2014-09-13 17:45 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files\Sony\Sony PC Companion\sqlite3.dll 2014-09-13 17:45 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll 2014-10-30 14:36 - 2014-10-30 14:36 - 00648704 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll 2014-11-22 01:03 - 2014-11-22 01:03 - 00050688 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2014-09-13 17:45 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe 2014-10-29 11:22 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll 2014-10-29 11:22 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll 2014-10-29 11:22 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-10-29 11:22 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll 2015-01-09 12:17 - 2015-01-09 12:17 - 00098816 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32api.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00110080 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\pywintypes27.dll 2015-01-09 12:17 - 2015-01-09 12:17 - 00364544 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\pythoncom27.dll 2015-01-09 12:17 - 2015-01-09 12:17 - 00045568 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\_socket.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 01160704 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\_ssl.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00320512 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32com.shell.shell.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00713216 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\_hashlib.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 01175040 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\wx._core_.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00805888 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\wx._gdi_.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00811008 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\wx._windows_.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 01062400 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\wx._controls_.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00735232 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\wx._misc_.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00128512 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\_elementtree.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00127488 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\pyexpat.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00557056 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\pysqlite2._sqlite.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00087552 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\_ctypes.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00119808 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32file.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00108544 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32security.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00007168 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\hashobjs_ext.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00167936 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32gui.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00018432 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32event.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00038912 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32inet.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00011264 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32crypt.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00070656 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\wx._html2.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00027136 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\_multiprocessing.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00035840 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32process.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00686080 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\unicodedata.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00122368 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\wx._wizard.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00024064 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32pipe.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00025600 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32pdh.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00525640 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\windows._lib_cacheinvalidation.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00010240 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\select.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00017408 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32profile.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00022528 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\win32ts.pyd 2015-01-09 12:17 - 2015-01-09 12:17 - 00078336 _____ () C:\Users\Gebruiker\AppData\Local\Temp\_MEI75602\wx._animate.pyd 2014-12-10 10:22 - 2014-12-10 10:22 - 00314688 _____ () C:\Program Files\OPSWAT\OnDemand\ondemands\oesis\wa_3rd_party_host_32.exe 2015-01-09 12:19 - 2015-01-09 12:19 - 00017408 _____ () C:\Users\Gebruiker\AppData\Local\Temp\nsa45E6.tmp\Registry.dll 2013-01-31 17:15 - 2013-01-31 17:15 - 00312912 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2013-01-31 17:16 - 2013-01-31 17:16 - 00354368 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Gebruiker\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Gebruiker\SkyDrive (2):ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\StartupFolder: => "GoPro Importer.lnk" HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad" HKLM\...\StartupApproved\Run: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run: => "Toolwiz TimeFreeze" HKLM\...\StartupApproved\Run: => "ApnUpdater" HKLM\...\StartupApproved\Run: => "AllShare Play" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "DivXMediaServer" HKLM\...\StartupApproved\Run: => "DivXUpdate" HKLM\...\StartupApproved\Run: => "EMET 4.1 Update 1 Agent" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\StartupFolder: => "OneNote 2007 Screen Clipper and Launcher.lnk" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\StartupFolder: => "Verzenden naar OneNote.lnk" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\StartupFolder: => "Inktwaarschuwingen controleren - HP Photosmart 6520 series (netwerk).lnk" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\Run: => "Toolwiz TimeFreeze" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\Run: => "HP Photosmart 6520 series (NET)" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\Run: => "Uploader" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\Run: => "BrowserChoice" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\Run: => "RoboSizer" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\Run: => "Spybot-S&D Cleaning" HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\StartupApproved\Run: => "Search Protection" ========================= Accounts: ========================== Administrator (S-1-5-21-235396244-3051213757-2033591465-500 - Administrator - Disabled) Gast (S-1-5-21-235396244-3051213757-2033591465-501 - Limited - Disabled) Gebruiker (S-1-5-21-235396244-3051213757-2033591465-1000 - Administrator - Enabled) => C:\Users\Gebruiker HomeGroupUser$ (S-1-5-21-235396244-3051213757-2033591465-1005 - Limited - Enabled) UpdatusUser (S-1-5-21-235396244-3051213757-2033591465-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Winbond CIR Transceiver Description: Winbond CIR Transceiver Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Winbond Electronics Corporation Service: winbondcir Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (01/09/2015 06:55:23 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:20 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:16 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:12 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:09 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:05 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:01 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:54:58 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:54:54 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:54:50 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 System errors: ============= Error: (01/09/2015 00:20:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Interactive Services Detection-service is gestopt met de volgende foutcode: %%1. Error: (01/09/2015 00:20:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80070002: Hewlett-Packard - Imaging - Null Print - HP Photosmart 6520 series. Error: (01/09/2015 00:16:10 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: De naam GEBRUIK-W9RJQI2:0 kan niet op de interface met het IP-adres 192.168.178.14 worden geregistreerd. De computer met het IP-adres 192.168.178.19 staat niet toe dat deze naam door deze computer wordt gebruikt. Error: (01/09/2015 00:16:10 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: De naam GEBRUIK-W9RJQI2:0 kan niet op de interface met het IP-adres 192.168.178.14 worden geregistreerd. De computer met het IP-adres 192.168.178.19 staat niet toe dat deze naam door deze computer wordt gebruikt. Error: (01/09/2015 00:16:08 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: De naam GEBRUIK-W9RJQI2:0 kan niet op de interface met het IP-adres 192.168.178.14 worden geregistreerd. De computer met het IP-adres 192.168.178.19 staat niet toe dat deze naam door deze computer wordt gebruikt. Error: (01/09/2015 00:16:07 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: De naam GEBRUIK-W9RJQI2:20 kan niet op de interface met het IP-adres 192.168.178.14 worden geregistreerd. De computer met het IP-adres 192.168.178.19 staat niet toe dat deze naam door deze computer wordt gebruikt. Error: (01/09/2015 00:16:07 PM) (Source: Server) (EventID: 2505) (User: ) Description: De server kan geen binding tot stand brengen met transport \Device\NetBT_Tcpip_{E5EEAC6C-D3A2-42B7-BAD0-91FCD3EE8E22} omdat een andere computer in het netwerk dezelfde naam heeft. De server kan niet worden gestart. Error: (01/09/2015 00:15:53 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: De naam GEBRUIK-W9RJQI2:0 kan niet op de interface met het IP-adres 192.168.178.14 worden geregistreerd. De computer met het IP-adres 192.168.178.19 staat niet toe dat deze naam door deze computer wordt gebruikt. Error: (01/08/2015 06:28:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Superfetch-service is gestopt met de volgende foutcode: %%1062. Error: (01/08/2015 05:17:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De OPSWAT On-Demand-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten. Microsoft Office Sessions: ========================= Error: (01/09/2015 06:55:26 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:23 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:20 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:16 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:12 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:09 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:05 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:55:01 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:54:58 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 Error: (01/09/2015 06:54:54 PM) (Source: AllShare Framework DMS) (EventID: 1) (User: ) Description: AllShare Framework DMSSvcCtrlHandler received failed with 0 CodeIntegrity Errors: =================================== Date: 2015-01-08 16:54:08.786 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Elex-tech\YAC\iSafeSrvMon.dll that did not meet the Windows signing level requirements. Date: 2015-01-07 23:55:18.889 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Elex-tech\YAC\iSafeSrvMon.dll that did not meet the Windows signing level requirements. Date: 2015-01-07 23:20:20.279 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-07 23:20:20.279 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-07 23:20:20.264 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-07 23:20:20.248 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-07 23:20:20.248 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-07 23:20:20.232 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-07 23:20:20.217 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-07 23:20:20.201 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz Percentage of memory in use: 61% Total physical RAM: 3066.88 MB Available physical RAM: 1192.76 MB Total Pagefile: 11258.88 MB Available Pagefile: 7895.76 MB Total Virtual: 2047.88 MB Available Virtual: 1864.98 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.9 GB) (Free:49.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Data) (Fixed) (Total:348.59 GB) (Free:292.12 GB) NTFS Drive e: (Gebruikers) (Fixed) (Total:100.14 GB) (Free:32.25 GB) NTFS Drive f: (Data) (Fixed) (Total:249.9 GB) (Free:113.09 GB) NTFS Drive y: () (Network) (Total:1850.68 GB) (Free:1391.64 GB) Drive z: () (Network) (Total:1850.68 GB) (Free:1391.64 GB) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 3DB22001) Partition 1: (Not Active) - (Size=350 GB) - (Type=OF Extended) Partition 2: (Not Active) - (Size=348.6 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 81EA8D3B) Partition 1: (Active) - (Size=118.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================