Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Gebruiker (administrator) on GEBRUIK-W9RJQI2 on 09-01-2015 18:53:03
Running from E:\wvh\Downloads\ZOEK.exe\Farbar recovery scan
Loaded Profile: Gebruiker (Available profiles: Gebruiker)
Platform: Microsoft Windows 8.1 Pro met Media Center (X86) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmcore.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(F-Secure Corporation) C:\Program Files\Internetbeveiliging\fshoster32.exe
(Microsoft) C:\Program Files\Heimdal\HeimdalSecureDNS\DNSService.exe
(CSIS Security Group) C:\Program Files\Heimdal\Service\HeimdalAgentService.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
(OPSWAT, Inc.) C:\Program Files\OPSWAT\GEARS Client\GearsAgentService.exe
(OPSWAT, Inc.) C:\Program Files\OPSWAT\GEARS Client\GearsHelper.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\MobileService.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe
(OPSWAT, Inc.) C:\Program Files\OPSWAT\OnDemand\WAOnDemand.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(OPSWAT, Inc.) C:\Program Files\OPSWAT\OnDemand\ondemands\bs\wabpmsn.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(OPSWAT, Inc.) C:\Program Files\OPSWAT\OnDemand\ondemands\bs\wabpoes.exe
(OPSWAT, Inc.) C:\Program Files\OPSWAT\OnDemand\ondemands\wd\waodwd.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(F-Secure Corporation) C:\Program Files\Internetbeveiliging\fshoster32.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(OPSWAT, Inc.) C:\Program Files\OPSWAT\GEARS Client\Gears.exe
(Cloudfogger GmbH) C:\Program Files\Cloudfogger\Cloudfogger.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(CSIS Security Group) C:\Program Files\Heimdal\Client\HeimdalAgent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Cloudfogger GmbH) C:\Program Files\Cloudfogger\Cloudfogger.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Seagate Technology LLC) C:\Program Files\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files\OPSWAT\OnDemand\ondemands\oesis\wa_3rd_party_host_32.exe
(by SmithTech) C:\Program Files\Verkennerx2\xplorer2_lite Portable.exe
(ZabKat) C:\Program Files\Verkennerx2\App\xplorer2_lite\xplorer2_lite.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x86__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM\...\Run: [Toolwiz TimeFreeze] => F:\Backup schijf\Backup heusden\Downloads\Timefreeze\ToolwizTimeFreezeGUI.exe [1677912 2013-04-28] (Toolwiz)
HKLM\...\Run: [AllShare Play] => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [407384 2013-02-21] (Samsung Electronics)
HKLM\...\Run: [F-Secure Hoster (45123)] => C:\Program Files\Internetbeveiliging\fshoster32.exe [183864 2012-11-26] (F-Secure Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-07-12] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [150208 2014-04-20] (IvoSoft)
HKLM\...\Run: [DBAgent] => C:\Program Files\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1518664 2014-09-17] (Seagate Technology LLC)
HKLM\...\Run: [cmsc] => c:\program files\cmcm\Clean Master\cmtray.exe [468328 2015-01-03] (Kingsoft Corporation)
HKLM\...\Run: [GEARS] => C:\Program Files\OPSWAT\GEARS Client\GEARS.exe [1755456 2014-12-31] (OPSWAT, Inc.)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [4997872 2014-12-31] (Emsisoft GmbH)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [SkyDrive] => C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [Toolwiz TimeFreeze] => C:\Program Files\Toolwiz TimeFreeze\TimeFreeze.exe [1545496 2013-01-08] (Toolwiz)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [HP Photosmart 6520 series (NET)] => C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [Cloudfogger] => C:\Program Files\Cloudfogger\Cloudfogger.exe [7173456 2013-02-25] (Cloudfogger GmbH)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [Uploader] => C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127080 2014-09-17] (Seagate Technology LLC)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [GoogleChromeAutoLaunch_5FEA36A39174F28C3634662B2D565CAA] => C:\Program Files\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\MountPoints2: {24ea8251-74bd-11e4-b0c9-001e68a1d46c} - "H:\Startme.exe"
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\MountPoints2: {4d2c9e38-202b-11e2-af9d-001e68a1d46c} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\MountPoints2: {781f199f-244e-11e2-af9f-001e68a1d46c} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\MountPoints2: {918466ab-205c-11e2-af9e-001e68a1d46c} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\MountPoints2: {af2f1cc5-3b63-11e4-b073-001e68a1d46c} - "H:\Startme.exe"
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\MountPoints2: {e7477767-299f-11e2-af9f-001e68a1d46c} - "I:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Heimdal.lnk
ShortcutTarget: Heimdal.lnk -> C:\Program Files\Heimdal\Client\HeimdalAgent.exe (CSIS Security Group)
Startup: C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 6520 series (netwerk).lnk
ShortcutTarget: Inktwaarschuwingen controleren - HP Photosmart 6520 series (netwerk).lnk -> C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 0Cloudfogger] -> {15EDBCBF-7231-4290-946E-5BB12C6AF342} => C:\Program Files\Cloudfogger\CfShellEx_1.4.2143.dll (Cloudfogger GmbH)
ShellIconOverlayIdentifiers: [ 1Cloudfogger] -> {14A3EC74-D852-416A-9691-AC3096EE1953} => C:\Program Files\Cloudfogger\CfShellEx_1.4.2143.dll (Cloudfogger GmbH)
ShellIconOverlayIdentifiers: [ 2Cloudfogger] -> {E9C2814C-12B8-4D74-9551-16DDEBFC8AE4} => C:\Program Files\Cloudfogger\CfShellEx_1.4.2143.dll (Cloudfogger GmbH)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49967;https=127.0.0.1:49967
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://nl.search.yahoo.com/?type=523482&fr=spigot-yhp-ie
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-235396244-3051213757-2033591465-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://mail.google.com/mail/ca/u/0/#inbox https://dub114.mail.live.com/default.aspx?fid=fltrash
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-235396244-3051213757-2033591465-1000 -> DefaultScope {B16E565E-E617-439F-8089-C40001897012} URL = https://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=523482&p={searchTerms}
SearchScopes: HKU\S-1-5-21-235396244-3051213757-2033591465-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-235396244-3051213757-2033591465-1000 -> {B16E565E-E617-439F-8089-C40001897012} URL = https://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=523482&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.54.40.25 212.54.44.54

FireFox:
========
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: samsung.com/AllSharePlayPCPlugin -> C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll (Samsung)

Chrome:
=======
CHR HomePage: Default -> https://nl.search.yahoo.com/?type=523482&fr=yo-yhp-ch
CHR StartupUrls: Default -> "https://duckduckgo.com/", "https://mail.google.com/mail/ca/u/0/#inbox", "https://dub114.mail.live.com/default.aspx?fid=fltrash"
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSearchURL: Default -> https://duckduckgo.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> https://ac.duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (CookiesOK) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni [2015-01-06]
CHR Extension: (Google Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-08]
CHR Extension: (Google Drive) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-27]
CHR Extension: (TV) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-07-08]
CHR Extension: (WOT) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-01-06]
CHR Extension: (YouTube) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-08]
CHR Extension: (Google Cast) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-01-06]
CHR Extension: (TVGiDS.tv) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocdjdnpjmkaaaangagmlnkcpfjkjfcn [2014-07-08]
CHR Extension: (TV) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2014-07-08]
CHR Extension: (Adblock Plus) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-06]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-10-12]
CHR Extension: (Symbaloo Bookmarker 0.4.2) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnjfgbikbkcmickdalamlmpmkhmbollm [2015-01-06]
CHR Extension: (Save my Tabs) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\djadfifncobffjpicnkiegahdiobpaap [2015-01-06]
CHR Extension: (MightyText - SMS Text Messaging ⟷ Computer) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2014-07-08]
CHR Extension: (Google+) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-07-08]
CHR Extension: (Torrent Turbo Search App) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif [2014-07-08]
CHR Extension: (Black Menu for Google™) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke [2015-01-06]
CHR Extension: (Gmail Offline) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-07-08]
CHR Extension: (Google Agenda) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-08]
CHR Extension: (Box - 10GB of FREE storage) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-07-08]
CHR Extension: (Metascan Online for Chrome) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjampemfhdfmangifafmianhokmpjbcj [2015-01-07]
CHR Extension: (Mail Checker Plus for Google Mail™) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe [2014-07-08]
CHR Extension: (Vanilla Cookie Manager) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gieohaicffldbmiilohhggbidhephnjj [2015-01-06]
CHR Extension: (AdBlock) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-06]
CHR Extension: (Hola Beter Internet) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-01-08]
CHR Extension: (Avast Online Security) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-25]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-01-06]
CHR Extension: (NOS Video) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggmbjghgeahcopdibklblgfkfendefg [2014-07-08]
CHR Extension: (Dropbox) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-07-08]
CHR Extension: (CouchPotato) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jochingjncojldfclaicaomboafaiong [2015-01-06]
CHR Extension: (Woordenboeken.nu) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\klmficblehaigahmmlhoomjbiigebnpk [2014-07-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-06]
CHR Extension: (Google Maps) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-07-08]
CHR Extension: (Google Mail Checker) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-07-08]
CHR Extension: (Ghostery) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-01-06]
CHR Extension: (OneDrive) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-07-08]
CHR Extension: (Google Wallet) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (SABconnect++) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2015-01-06]
CHR Extension: (Picasa) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-07-08]
CHR Extension: (Gmail) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-08]
CHR HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\GEBRUI~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-05-27]
CHR HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4920104 2014-12-31] (Emsisoft GmbH)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [406648 2012-10-23] (Samsung)
R2 AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [631368 2013-02-21] (Copyright 2013 SAMSUNG)
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [315240 2015-01-03] (Kingsoft Corporation)
S3 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-08] (Freemake) [File not signed]
R2 fshoster; C:\Program Files\Internetbeveiliging\fshoster32.exe [183864 2012-11-26] (F-Secure Corporation)
R2 HeimdalSecureDNS; C:\Program Files\Heimdal\HeimdalSecureDNS\DnsService.exe [93344 2014-12-11] (Microsoft)
R2 HeimdalService; C:\Program Files\Heimdal\Service\HeimdalAgentService.exe [133280 2014-12-11] (CSIS Security Group)
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [696320 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S3 iumsvc; C:\Program Files\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-18] (IObit)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [1281112 2012-11-23] (Microsoft Corporation)
R2 OPSWATGEARSClient; C:\Program Files\OPSWAT\GEARS Client\GearsAgentService.exe [792384 2014-12-31] (OPSWAT, Inc.)
R2 OPSWATGEARSHelper; C:\Program Files\OPSWAT\GEARS Client\GearsHelper.exe [179008 2014-12-31] (OPSWAT, Inc.)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-15] (IBM Corp.)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [601072 2014-05-15] (Paramount Software UK Ltd)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 Seagate Dashboard Services; C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 StartMenuReviverService; C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [598648 2014-09-17] (ReviverSoft)
R2 WAOnDemand; C:\Program Files\OPSWAT\OnDemand\WAOnDemand.exe [1669952 2014-12-30] (OPSWAT, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1222144 2014-07-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-12] (Emsisoft GmbH)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R1 BTOWSFF; C:\WINDOWS\system32\Drivers\BTOWSFF.sys [26432 2013-01-08] (Toolwiz.com)
R0 BTOWSVF; C:\WINDOWS\System32\Drivers\BTOWSVF.sys [49856 2013-01-08] (Toolwiz.com)
R1 CBFilterFS; C:\WINDOWS\system32\drivers\cbfltfs.sys [115928 2013-01-07] (EldoS Corporation)
R1 cbfs3; C:\WINDOWS\system32\drivers\cbfs3.sys [299528 2012-12-04] (EldoS Corporation)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2014-12-14] (Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [26328 2014-09-13] (Sony Mobile Communications)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R3 ksapi; C:\WINDOWS\system32\drivers\ksapi.sys [81768 2015-01-03] (Kingsoft Corporation)
R3 NETwNs32; C:\WINDOWS\system32\DRIVERS\NETwNs32.sys [7518208 2013-06-18] (Intel Corporation)
S3 PSMounterEx; C:\WINDOWS\system32\drivers\psmounterex.sys [65144 2013-08-01] (Paramount Software UK Ltd)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10320 2013-09-30] ()
R1 RapportCerberus_80083; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80083.sys [430296 2014-12-08] ()
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251288 2014-12-15] (IBM Corp.)
R0 RapportKELL; C:\WINDOWS\System32\Drivers\RapportKELL.sys [208888 2014-12-15] (IBM Corp.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332728 2014-12-15] (IBM Corp.)
R1 RegHiveRecovery; C:\WINDOWS\system32\drivers\RegHiveRecovery.sys [41136 2014-02-20] (Microsoft Corporation)
S3 ssudobex; C:\WINDOWS\system32\DRIVERS\ssudobex.sys [184192 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA.sys [608128 2011-03-10] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM.sys [1038080 2011-03-10] (eMPIA Technology, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
S3 WIMMount; C:\Program Files\Windows Kits\8.1\Assessment and Deployment Kit\Deployment Tools\x86\DISM\wimmount.sys [36464 2013-08-21] (Microsoft Corporation)
S3 winbondcir; C:\WINDOWS\system32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
S1 iSafeKrnlMon; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-09 18:52 - 2015-01-09 18:53 - 00000000 ____D () C:\FRST
2015-01-09 18:20 - 2015-01-09 18:20 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-01-09 12:41 - 2015-01-09 12:41 - 00001021 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-01-09 12:41 - 2015-01-09 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-01-09 12:40 - 2015-01-09 18:52 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2015-01-09 12:15 - 2015-01-09 12:15 - 00702080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-09 12:15 - 2015-01-09 12:15 - 00000362 _____ () C:\WINDOWS\PFRO.log
2015-01-08 18:26 - 2015-01-08 18:26 - 00000000 ____D () C:\ProgramData\StartMenuReviver.exe
2015-01-08 18:25 - 2015-01-08 18:25 - 00001203 _____ () C:\Users\Public\Desktop\Start Menu Reviver.lnk
2015-01-08 18:25 - 2015-01-08 18:25 - 00000000 ____D () C:\ProgramData\ReviverSoft
2015-01-08 18:25 - 2015-01-08 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-01-08 18:25 - 2015-01-08 18:25 - 00000000 ____D () C:\Program Files\ReviverSoft
2015-01-07 23:56 - 2015-01-07 23:56 - 00000000 ____D () C:\Users\Gebruiker\AppData\Local\CrashRpt
2015-01-07 21:11 - 2015-01-09 12:18 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-07 21:08 - 2014-02-13 23:59 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-07 21:07 - 2015-01-08 16:59 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-07 19:35 - 2015-01-07 21:10 - 00351071 _____ () C:\zoek-results.log
2015-01-07 19:31 - 2015-01-07 20:40 - 00000000 ____D () C:\zoek_backup
2015-01-07 19:28 - 2015-01-07 19:31 - 00001410 _____ () C:\Users\Gebruiker\Desktop\zoek.exe.scr - Snelkoppeling.lnk
2015-01-06 19:00 - 2015-01-06 19:01 - 00000000 ____D () C:\rsit
2015-01-06 19:00 - 2015-01-06 19:00 - 00000000 ____D () C:\Program Files\trend micro
2015-01-06 18:48 - 2015-01-06 18:48 - 00001299 _____ () C:\Users\Gebruiker\Desktop\adwcleaner_4.106.exe - Snelkoppeling.lnk
2015-01-06 18:46 - 2015-01-06 18:46 - 00001004 _____ () C:\Users\Gebruiker\Desktop\RSIT.exe - Snelkoppeling.lnk
2015-01-05 16:41 - 2015-01-03 09:56 - 00044712 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeNetFilter.sysearch
2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CSIS Heimdal
2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\ProgramData\CSIS
2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Program Files\Heimdal
2015-01-03 17:00 - 2015-01-08 17:35 - 00000000 ____D () C:\Users\Gebruiker\AppData\Local\CrashDumps
2015-01-03 16:51 - 2015-01-03 16:54 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\Saladin
2015-01-03 16:50 - 2015-01-03 16:50 - 00001027 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saladin.lnk
2015-01-03 16:50 - 2015-01-03 16:50 - 00001015 _____ () C:\Users\Public\Desktop\Saladin.lnk
2015-01-03 16:50 - 2015-01-03 16:50 - 00000000 ____D () C:\Program Files\Saladin
2015-01-03 16:47 - 2015-01-03 16:47 - 00081768 _____ (Kingsoft Corporation) C:\WINDOWS\system32\Drivers\ksapi.sys
2015-01-03 16:47 - 2015-01-03 16:47 - 00056680 _____ (Kingsoft Corporation) C:\WINDOWS\system32\Drivers\ksapi64.sys
2015-01-03 16:47 - 2015-01-03 16:47 - 00001012 _____ () C:\Users\Public\Desktop\Clean Master.lnk
2015-01-03 16:47 - 2015-01-03 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master
2015-01-03 16:47 - 2015-01-03 16:47 - 00000000 ____D () C:\ProgramData\Kingsoft
2015-01-03 16:47 - 2015-01-03 16:47 - 00000000 ____D () C:\ProgramData\cmcm
2015-01-03 16:47 - 2015-01-03 16:47 - 00000000 ____D () C:\Program Files\cmcm
2014-12-18 19:46 - 2014-12-18 19:46 - 00001186 _____ () C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-12-18 19:46 - 2014-12-18 19:46 - 00001162 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-12-15 23:03 - 2014-12-15 23:03 - 00208888 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKELL.sys
2014-12-14 20:04 - 2014-12-14 20:04 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-14 19:36 - 2015-01-06 13:32 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\DAEMON Tools Lite
2014-12-14 19:36 - 2014-12-14 19:36 - 00243128 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-12-14 19:36 - 2014-12-14 19:36 - 00001868 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-12-14 19:36 - 2014-12-14 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-12-14 19:36 - 2014-12-14 19:36 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-12-14 19:20 - 2014-12-14 19:37 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-12-11 18:36 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 18:36 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 18:36 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 18:36 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 18:36 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 18:36 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 18:36 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 18:36 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 18:36 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 18:36 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 18:36 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 18:36 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 18:36 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 18:36 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 18:36 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 18:36 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 18:36 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 18:36 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 18:36 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 18:36 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 18:35 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 18:35 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 18:35 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-11 18:31 - 2014-12-04 00:38 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-11 18:31 - 2014-12-04 00:08 - 00728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-11 18:31 - 2014-12-03 00:09 - 00873984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-11 18:31 - 2014-12-03 00:09 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-11 18:31 - 2014-12-03 00:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-11 18:31 - 2014-12-03 00:09 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-11 18:31 - 2014-12-03 00:09 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-11 18:31 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 18:31 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 18:31 - 2014-10-13 03:47 - 00199488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 18:31 - 2014-10-13 03:47 - 00131392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 18:31 - 2014-10-13 03:47 - 00076096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 18:31 - 2014-10-13 03:47 - 00036160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-09 18:48 - 2014-05-26 19:29 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\Cloudfogger
2015-01-09 18:47 - 2014-01-22 21:41 - 01883187 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-09 18:28 - 2012-10-27 13:18 - 00001084 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-09 18:00 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-09 17:46 - 2012-10-27 18:11 - 00000054 _____ () C:\WINDOWS\ABS.INI
2015-01-09 16:30 - 2013-11-14 06:39 - 00005430 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-09 16:30 - 2013-11-14 06:24 - 04517528 _____ () C:\WINDOWS\system32\perfh013.dat
2015-01-09 16:30 - 2013-11-14 06:24 - 01360374 _____ () C:\WINDOWS\system32\perfc013.dat
2015-01-09 13:28 - 2012-10-27 13:18 - 00001080 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-09 12:38 - 2012-10-29 19:29 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\KeePass
2015-01-09 12:18 - 2014-07-24 17:49 - 00000000 ___DO () C:\Users\Gebruiker\SkyDrive (2)
2015-01-09 12:16 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-09 12:15 - 2013-08-22 08:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-08 18:28 - 2013-08-22 07:13 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-08 18:21 - 2014-05-27 11:03 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\ClassicShell
2015-01-08 18:09 - 2013-03-04 15:05 - 00000000 ___RD () C:\Users\Gebruiker\Dropbox
2015-01-08 17:29 - 2013-03-06 19:55 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-08 17:04 - 2014-10-17 18:23 - 00000306 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Gebruiker.job
2015-01-07 23:08 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-01-07 22:55 - 2014-07-06 15:32 - 00000000 ____D () C:\AdwCleaner
2015-01-07 21:09 - 2014-01-23 14:57 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-07 20:40 - 2012-07-26 07:53 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-01-06 18:37 - 2014-05-27 11:36 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-06 15:26 - 2014-05-27 11:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-06 15:26 - 2014-01-22 21:44 - 00000000 ____D () C:\Users\Gebruiker
2015-01-06 13:32 - 2014-05-27 15:15 - 00000000 ____D () C:\Users\Gebruiker\AppData\Local\sabnzbd
2015-01-05 19:19 - 2012-11-02 16:17 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\vlc
2015-01-05 19:09 - 2013-02-13 15:22 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\dvdcss
2015-01-05 19:06 - 2014-10-12 18:46 - 00002314 _____ () C:\Users\Gebruiker\Desktop\App-opstartprogramma van Chrome.lnk
2015-01-05 15:14 - 2014-01-21 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging
2015-01-05 15:11 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2015-01-03 17:44 - 2014-05-27 11:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-03 16:48 - 2014-01-22 21:11 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-03 15:59 - 2014-07-06 15:40 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-02 19:44 - 2014-05-27 11:25 - 00001032 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-02 19:44 - 2014-05-27 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-02 19:44 - 2014-05-27 11:24 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-31 12:13 - 2012-10-28 19:46 - 00249488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-12-24 16:52 - 2013-03-04 15:02 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\Dropbox
2014-12-24 16:16 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-21 11:30 - 2012-07-26 07:43 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 19:46 - 2014-05-27 15:33 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\IObit
2014-12-18 19:44 - 2014-05-27 12:29 - 00000000 ____D () C:\Program Files\CyberLink
2014-12-16 16:38 - 2013-03-04 15:05 - 00001086 _____ () C:\Users\Gebruiker\Desktop\Dropbox.lnk
2014-12-16 16:38 - 2013-03-04 15:03 - 00000000 ____D () C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-15 13:31 - 2013-02-04 18:53 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-12-14 20:04 - 2014-07-21 17:41 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-14 20:04 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\nl-NL
2014-12-14 19:55 - 2013-02-04 18:53 - 00001851 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-12-14 19:55 - 2013-02-04 18:53 - 00001817 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-12-14 19:03 - 2012-10-27 18:16 - 00001184 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-12-14 14:41 - 2014-01-21 16:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-14 14:34 - 2012-12-12 11:37 - 109818608 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-14 14:32 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-14 14:32 - 2013-08-22 09:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS

Files to move or delete:
====================
C:\ProgramData\StartMenuReviver.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-07 22:59

==================== End Of Log ============================