Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014
Ran by SYSTEM on MININT-54B7DPL on 24-06-2014 14:59:42
Running from e:\
Platform: Windows 7 Professional Service Pack 1 (X86) OS Language: Nederlands (Nederland)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2054360 2009-11-16] (ESET)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2621656 2008-02-29] (Acronis)
HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [909088 2008-02-29] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2008-02-29] (Acronis)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11734240 2012-12-13] (Realtek Semiconductor)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [337432 2013-07-22] (Power Software Ltd)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\gebruiker\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe [847536 2014-05-14] (Adobe Systems Incorporated)
HKU\gebruiker\...\Winlogon: [Shell] C:\Windows\system32\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Belgacom Cloud.lnk
ShortcutTarget: Belgacom Cloud.lnk -> (No File)
Startup: C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3520 series.lnk
ShortcutTarget: Inktwaarschuwingen controleren - HP Deskjet 3520 series.lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ========================== Services (Whitelisted) ================= S4 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [427288 2008-02-29] (Acronis) S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-11-16] (ESET) S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [735960 2009-11-16] (ESET) S2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [120136 2012-11-20] (Intel Corporation) S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] 
(Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.) S4 Media Jukebox 14 Service; C:\Program Files\J River\Media Jukebox 14\JRService.exe [379400 2010-07-15] (J. River, Inc.) S2 MSSQL$OXYGEN; C:\Program Files\MSSQL2005\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) S2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) S3 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) S2 Soda PDF 3D Reader Helper Service; C:\Program Files\Soda PDF 3D Reader\HelperService.exe [1162592 2013-08-19] (LULU Software Limited) S2 Soda PDF 3D Reader Service; C:\Program Files\Soda PDF 3D Reader\ConversionService.exe [852320 2013-08-19] (LULU Software Limited) S4 TryAndDecideService; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [493320 2008-02-29] () S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1699168 2012-10-08] (TuneUp Software) S4 WefiEngSvc; C:\Program Files\WeFi\WefiEngSvc.exe [120152 2010-11-03] (WeFi) ==================== Drivers (Whitelisted) ==================== S3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2012-10-30] (Intel Corporation) S2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [116520 2009-11-16] (ESET) S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [108792 2009-11-16] (ESET) S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [95896 2009-11-16] (ESET) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14216 2011-07-29] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [8456 2011-07-29] () S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) S3 netr28u; 
C:\Windows\System32\DRIVERS\netr28u.sys [1321568 2012-08-17] (Ralink Technology Corp.) S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-08-20] (RapidSolution Software AG) S3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-08-20] (RapidSolution Software AG) S1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113336 2013-07-22] (Power Software Ltd) S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [33160 2013-01-25] (Spotflux, Inc) S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-08-20] (RapidSolution Software AG) S0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [368480 2012-05-30] (Acronis) S2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2012-05-30] (Acronis) S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software) S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) 
==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-24 14:28 - 2011-02-25 09:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\System32\explorer.exe 2014-06-24 14:26 - 2011-02-25 09:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-06-24 14:26 - 2011-02-25 09:19 - 02871808 _____ (Microsoft Corporation) C:\explorer.exe 2014-06-23 12:35 - 2014-06-24 14:59 - 00000000 ____D () C:\FRST 2014-06-17 23:34 - 2014-06-17 23:34 - 02927455 _____ () C:\Users\gebruiker\AppData\Local\soulseek-client.dat.1403044444411 2014-06-17 22:38 - 2014-06-17 22:38 - 02927455 _____ () C:\Users\gebruiker\AppData\Local\soulseek-client.dat.1403041121602 2014-06-17 21:38 - 2014-06-17 21:38 - 02927455 _____ () C:\Users\gebruiker\AppData\Local\soulseek-client.dat.1403037521557 2014-06-17 19:25 - 2014-06-17 19:25 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{E1D10C3A-ED5D-4150-B1B4-A394E0A0892D} 2014-06-17 07:24 - 2014-06-17 07:25 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{2A159235-7304-4352-A83B-A921A98AF13F} 2014-06-16 19:24 - 2014-06-16 19:24 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{CFCB9F53-F3C1-4062-9C2E-E16F19575664} 2014-06-16 07:23 - 2014-06-16 07:23 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{E4E73F00-8284-4F43-A895-21BF0D2FDBB7} 2014-06-15 19:23 - 2014-06-15 19:23 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{18927992-BDE4-466C-A5D2-17C320030932} 2014-06-15 14:47 - 2014-06-15 14:47 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf 2014-06-15 13:44 - 2014-06-15 13:44 - 00005814 _____ () C:\Users\gebruiker\Documents\bridge clubtornooi 2014.odt 2014-06-15 07:22 - 2014-06-15 07:23 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{22ABF514-E743-4EFF-B112-0B96C19D07B2} 2014-06-14 19:21 - 2014-06-14 19:22 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{93A90267-0118-4CB4-AA27-76688A19E3F0} 
2014-06-14 07:20 - 2014-06-14 07:21 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{94234386-BD16-4319-B510-7CC1687F30C8} 2014-06-13 19:20 - 2014-06-13 19:20 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{7028273F-892F-48B8-AAA0-14372F2D5DA8} 2014-06-13 07:19 - 2014-06-13 07:19 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{72A368BE-B58B-499B-856F-9EAB3A8F2D95} 2014-06-12 19:16 - 2014-06-12 19:19 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{68E40467-2ADF-48AE-A2AD-691623D2A9F1} 2014-06-12 07:14 - 2014-06-12 07:16 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{E50CDB35-78BC-4005-A77A-A1AAF8D33219} 2014-06-11 19:14 - 2014-06-11 19:14 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{9FFC52C7-15C4-487D-8563-CF82D0382D9B} 2014-06-11 09:46 - 2014-05-30 10:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-06-11 09:46 - 2014-05-30 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-06-11 09:46 - 2014-05-30 10:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-06-11 09:46 - 2014-05-30 09:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-06-11 09:46 - 2014-05-30 09:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-06-11 09:46 - 2014-05-30 09:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-06-11 09:46 - 2014-05-30 09:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-06-11 09:46 - 2014-05-30 09:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-06-11 09:46 - 2014-05-30 09:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-06-11 09:46 - 2014-05-30 09:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-06-11 09:46 - 2014-05-30 09:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-06-11 09:46 
- 2014-05-30 09:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-06-11 09:46 - 2014-05-30 09:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-06-11 09:46 - 2014-05-30 09:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-06-11 09:46 - 2014-05-30 09:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-06-11 09:46 - 2014-05-30 09:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-06-11 09:46 - 2014-05-30 09:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-06-11 09:46 - 2014-05-30 09:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-06-11 09:46 - 2014-05-30 09:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-06-11 09:46 - 2014-05-30 08:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-06-11 09:46 - 2014-05-30 08:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-06-11 09:46 - 2014-05-30 08:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-06-11 09:46 - 2014-05-30 08:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-06-11 09:46 - 2014-05-30 08:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-06-11 09:46 - 2014-05-30 08:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-06-11 09:46 - 2014-05-30 08:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-06-11 09:46 - 2014-05-30 08:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-06-11 09:46 - 2014-05-30 08:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-06-11 09:46 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll 
2014-06-11 09:45 - 2014-06-08 09:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-06-11 09:45 - 2014-06-08 09:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-06-11 09:45 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll 2014-06-11 09:45 - 2014-04-05 03:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2014-06-11 09:45 - 2014-04-05 03:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS 2014-06-11 09:45 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2014-06-11 09:45 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml6r.dll 2014-06-11 09:45 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll 2014-06-11 07:13 - 2014-06-11 07:13 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{A0CD4511-2516-4AAB-B616-44775B4FFD04} 2014-06-10 19:12 - 2014-06-10 19:13 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{CAF873BD-4A2B-42AA-B8F5-D530646EE4F9} 2014-06-10 07:10 - 2014-06-10 07:12 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{B3E67D36-4F3B-47AF-81BA-6C8AC1A3A871} 2014-06-09 14:43 - 2014-06-09 14:43 - 00000162 ____H () C:\Users\gebruiker\Documents\~$nnoye patrick.odt 2014-06-09 13:51 - 2014-06-09 13:51 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{A3A62A69-C3A3-402D-B679-39D60828CB38} 2014-06-06 19:30 - 2014-06-06 19:31 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{FBCCA77C-5A46-407F-AFAA-953AFC467A46} 2014-06-06 07:29 - 2014-06-06 07:30 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{D183B66F-0820-4A50-A0F0-C4BB6D764A3A} 2014-06-05 19:29 - 2014-06-05 19:29 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{128D9C7E-79BE-4BF7-977E-4D9400EFC235} 2014-06-05 07:28 - 2014-06-05 07:28 - 00000000 ____D () 
C:\Users\gebruiker\AppData\Local\{0F98D771-717B-434A-8C99-BC03E3D8BCEF} 2014-06-04 19:27 - 2014-06-04 19:27 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{58BAAD09-12B5-4645-8AF8-81A2D5BD4E9B} 2014-06-04 07:26 - 2014-06-04 07:27 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{288E46EA-7EFF-457A-B2C4-683C2966AE93} 2014-06-03 23:20 - 2014-06-03 23:20 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-06-03 16:35 - 2014-06-03 16:35 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{66B3EAC7-789B-40A5-8B45-795709770A3C} 2014-06-03 04:34 - 2014-06-03 04:35 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{0EFE4099-7469-4267-A17E-5BD93AD76C3A} 2014-06-02 16:34 - 2014-06-02 16:34 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{1C0DB1BE-25E0-489B-A67F-64EBA4DD83A3} 2014-06-02 04:33 - 2014-06-02 04:33 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{9155567D-C16A-4485-836E-EBE5473BC81D} 2014-06-01 16:32 - 2014-06-01 16:33 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{37058E3C-0F31-4EA8-AFF6-1DFE98E1DF41} 2014-05-30 22:40 - 2014-05-30 22:41 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{893D71A9-03AD-4CB4-AC2C-B5FA0EE19C18} 2014-05-30 12:32 - 2014-05-30 12:33 - 00000000 ____D () C:\Program Files\DVDVideoSoft 2014-05-30 12:32 - 2014-05-30 12:32 - 00002227 _____ () C:\Users\Public\Desktop\Free AVI Video Converter.lnk 2014-05-30 12:32 - 2014-05-30 12:32 - 00001207 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2014-05-30 12:32 - 2014-05-30 12:32 - 00000000 ____D () C:\Users\gebruiker\AppData\Roaming\OpenCandy 2014-05-30 12:32 - 2014-05-30 12:32 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-05-30 12:31 - 2014-05-30 12:32 - 00000000 ____D () C:\Users\gebruiker\AppData\Roaming\DVDVideoSoft 2014-05-30 12:10 - 2014-05-30 12:10 - 00000000 ____D () C:\Users\gebruiker\Documents\Any Video Converter 2014-05-30 12:10 - 2014-05-30 12:10 - 00000000 ____D () 
C:\Users\gebruiker\AppData\Roaming\AnvSoft 2014-05-30 12:09 - 2014-05-30 12:09 - 00001167 _____ () C:\Users\gebruiker\Desktop\Any Video Converter.lnk 2014-05-30 12:09 - 2014-05-30 12:09 - 00000000 ____D () C:\Program Files\AnvSoft 2014-05-30 09:05 - 2014-05-30 09:05 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{3EA1CD7E-AA02-48C2-B958-52A624A8FEBC} 2014-05-29 21:04 - 2014-05-29 21:05 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{B1AFE183-B4DF-43A2-8479-3E5659FD1B58} 2014-05-29 09:04 - 2014-05-29 09:04 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{909A47B9-00BC-4B4B-9F1F-34C171C977F1} 2014-05-28 21:03 - 2014-05-28 21:04 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{BF653932-CFD1-4439-96AE-9FE3A956A9D9} 2014-05-28 09:03 - 2014-05-28 09:03 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{C011CBAE-F6AD-45E0-BC09-650DC9EA2CF6} 2014-05-27 21:02 - 2014-05-27 21:03 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{7F7E0437-438E-4B24-BDE1-3BA257AEC41E} 2014-05-27 09:01 - 2014-05-27 09:02 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{684F4627-B49E-4255-A08D-57644D93086A} 2014-05-26 21:00 - 2014-05-26 21:01 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{2D761EBE-AE54-44B6-94D3-D0CD76E152F0} 2014-05-26 09:00 - 2014-05-26 09:00 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{E21FF5F2-33EB-499E-97D1-997277DB3ED5} 2014-05-25 20:59 - 2014-05-25 20:59 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{90970A7D-D6C2-4678-99B1-5832292A242D} 2014-05-25 08:58 - 2014-05-25 08:59 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{ABA80785-0DC6-465C-9554-90E45C921864} ==================== One Month Modified Files and Folders ======= 2014-06-24 14:59 - 2014-06-23 12:35 - 00000000 ____D () C:\FRST 2014-06-17 23:35 - 2012-05-30 08:46 - 01771879 _____ () C:\Windows\WindowsUpdate.log 2014-06-17 23:34 - 2014-06-17 23:34 - 02927455 _____ () C:\Users\gebruiker\AppData\Local\soulseek-client.dat.1403044444411 2014-06-17 23:34 - 
2012-07-27 17:17 - 00000000 ____D () C:\Users\gebruiker\AppData\Roaming\Spotify 2014-06-17 22:38 - 2014-06-17 22:38 - 02927455 _____ () C:\Users\gebruiker\AppData\Local\soulseek-client.dat.1403041121602 2014-06-17 21:38 - 2014-06-17 21:38 - 02927455 _____ () C:\Users\gebruiker\AppData\Local\soulseek-client.dat.1403037521557 2014-06-17 19:25 - 2014-06-17 19:25 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{E1D10C3A-ED5D-4150-B1B4-A394E0A0892D} 2014-06-17 08:37 - 2012-06-03 10:52 - 00000000 ____D () C:\Users\gebruiker\AppData\Roaming\BitTorrent 2014-06-17 07:25 - 2014-06-17 07:24 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{2A159235-7304-4352-A83B-A921A98AF13F} 2014-06-16 19:24 - 2014-06-16 19:24 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{CFCB9F53-F3C1-4062-9C2E-E16F19575664} 2014-06-16 18:36 - 2012-07-27 17:17 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\Spotify 2014-06-16 07:23 - 2014-06-16 07:23 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{E4E73F00-8284-4F43-A895-21BF0D2FDBB7} 2014-06-15 19:23 - 2014-06-15 19:23 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{18927992-BDE4-466C-A5D2-17C320030932} 2014-06-15 14:47 - 2014-06-15 14:47 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf 2014-06-15 14:47 - 2009-07-14 05:39 - 00347833 _____ () C:\Windows\setupact.log 2014-06-15 13:44 - 2014-06-15 13:44 - 00005814 _____ () C:\Users\gebruiker\Documents\bridge clubtornooi 2014.odt 2014-06-15 07:23 - 2014-06-15 07:22 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{22ABF514-E743-4EFF-B112-0B96C19D07B2} 2014-06-14 19:22 - 2014-06-14 19:21 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{93A90267-0118-4CB4-AA27-76688A19E3F0} 2014-06-14 07:21 - 2014-06-14 07:20 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{94234386-BD16-4319-B510-7CC1687F30C8} 2014-06-13 19:20 - 2014-06-13 19:20 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{7028273F-892F-48B8-AAA0-14372F2D5DA8} 2014-06-13 
07:35 - 2009-07-14 05:34 - 00016208 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-13 07:35 - 2009-07-14 05:34 - 00016208 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-13 07:19 - 2014-06-13 07:19 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{72A368BE-B58B-499B-856F-9EAB3A8F2D95} 2014-06-12 19:19 - 2014-06-12 19:16 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{68E40467-2ADF-48AE-A2AD-691623D2A9F1} 2014-06-12 10:13 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-06-12 09:35 - 2012-07-12 18:08 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-12 07:16 - 2014-06-12 07:14 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{E50CDB35-78BC-4005-A77A-A1AAF8D33219} 2014-06-12 02:28 - 2012-05-30 09:59 - 04158612 _____ () C:\Windows\PFRO.log 2014-06-12 02:27 - 2014-04-30 02:01 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-06-12 02:10 - 2012-05-30 09:04 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-12 02:08 - 2013-07-13 18:23 - 00000000 ____D () C:\Windows\System32\MRT 2014-06-12 02:05 - 2012-05-30 09:50 - 92708840 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-06-11 19:14 - 2014-06-11 19:14 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{9FFC52C7-15C4-487D-8563-CF82D0382D9B} 2014-06-11 07:13 - 2014-06-11 07:13 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{A0CD4511-2516-4AAB-B616-44775B4FFD04} 2014-06-10 19:13 - 2014-06-10 19:12 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{CAF873BD-4A2B-42AA-B8F5-D530646EE4F9} 2014-06-10 07:12 - 2014-06-10 07:10 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{B3E67D36-4F3B-47AF-81BA-6C8AC1A3A871} 2014-06-09 18:32 - 2012-05-30 08:55 - 01801890 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-06-09 18:32 - 2009-07-14 09:27 - 00792472 _____ () C:\Windows\System32\perfh013.dat 2014-06-09 
18:32 - 2009-07-14 09:27 - 00171118 _____ () C:\Windows\System32\perfc013.dat 2014-06-09 14:43 - 2014-06-09 14:43 - 00000162 ____H () C:\Users\gebruiker\Documents\~$nnoye patrick.odt 2014-06-09 13:51 - 2014-06-09 13:51 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{A3A62A69-C3A3-402D-B679-39D60828CB38} 2014-06-08 09:48 - 2014-06-11 09:45 - 00391680 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-06-08 09:43 - 2014-06-11 09:45 - 00302592 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-06-06 19:31 - 2014-06-06 19:30 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{FBCCA77C-5A46-407F-AFAA-953AFC467A46} 2014-06-06 12:33 - 2012-06-03 13:45 - 00000000 ____D () C:\ProgramData\Sonos,_Inc 2014-06-06 07:30 - 2014-06-06 07:29 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{D183B66F-0820-4A50-A0F0-C4BB6D764A3A} 2014-06-05 19:29 - 2014-06-05 19:29 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{128D9C7E-79BE-4BF7-977E-4D9400EFC235} 2014-06-05 07:28 - 2014-06-05 07:28 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{0F98D771-717B-434A-8C99-BC03E3D8BCEF} 2014-06-04 19:27 - 2014-06-04 19:27 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{58BAAD09-12B5-4645-8AF8-81A2D5BD4E9B} 2014-06-04 07:27 - 2014-06-04 07:26 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{288E46EA-7EFF-457A-B2C4-683C2966AE93} 2014-06-03 23:20 - 2014-06-03 23:20 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-06-03 23:20 - 2014-02-12 08:48 - 00002018 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-06-03 23:20 - 2012-06-18 23:19 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-06-03 16:35 - 2014-06-03 16:35 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{66B3EAC7-789B-40A5-8B45-795709770A3C} 2014-06-03 04:35 - 2014-06-03 04:34 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{0EFE4099-7469-4267-A17E-5BD93AD76C3A} 2014-06-02 16:34 - 2014-06-02 16:34 - 00000000 ____D () 
C:\Users\gebruiker\AppData\Local\{1C0DB1BE-25E0-489B-A67F-64EBA4DD83A3} 2014-06-02 04:33 - 2014-06-02 04:33 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{9155567D-C16A-4485-836E-EBE5473BC81D} 2014-06-01 16:33 - 2014-06-01 16:32 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{37058E3C-0F31-4EA8-AFF6-1DFE98E1DF41} 2014-05-30 22:41 - 2014-05-30 22:40 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{893D71A9-03AD-4CB4-AC2C-B5FA0EE19C18} 2014-05-30 15:07 - 2012-06-03 09:23 - 00000000 ____D () C:\Users\gebruiker\AppData\Roaming\vlc 2014-05-30 12:33 - 2014-05-30 12:32 - 00000000 ____D () C:\Program Files\DVDVideoSoft 2014-05-30 12:32 - 2014-05-30 12:32 - 00002227 _____ () C:\Users\Public\Desktop\Free AVI Video Converter.lnk 2014-05-30 12:32 - 2014-05-30 12:32 - 00001207 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2014-05-30 12:32 - 2014-05-30 12:32 - 00000000 ____D () C:\Users\gebruiker\AppData\Roaming\OpenCandy 2014-05-30 12:32 - 2014-05-30 12:32 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-05-30 12:32 - 2014-05-30 12:31 - 00000000 ____D () C:\Users\gebruiker\AppData\Roaming\DVDVideoSoft 2014-05-30 12:10 - 2014-05-30 12:10 - 00000000 ____D () C:\Users\gebruiker\Documents\Any Video Converter 2014-05-30 12:10 - 2014-05-30 12:10 - 00000000 ____D () C:\Users\gebruiker\AppData\Roaming\AnvSoft 2014-05-30 12:09 - 2014-05-30 12:09 - 00001167 _____ () C:\Users\gebruiker\Desktop\Any Video Converter.lnk 2014-05-30 12:09 - 2014-05-30 12:09 - 00000000 ____D () C:\Program Files\AnvSoft 2014-05-30 10:18 - 2014-06-11 09:46 - 17271296 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-05-30 10:02 - 2014-06-11 09:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-05-30 10:02 - 2014-06-11 09:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-05-30 09:44 - 2014-06-11 09:46 - 00455168 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 
2014-05-30 09:43 - 2014-06-11 09:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-05-30 09:42 - 2014-06-11 09:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-05-30 09:38 - 2014-06-11 09:46 - 02179072 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-05-30 09:34 - 2014-06-11 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-05-30 09:33 - 2014-06-11 09:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-05-30 09:30 - 2014-06-11 09:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-05-30 09:28 - 2014-06-11 09:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-05-30 09:28 - 2014-06-11 09:46 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-05-30 09:27 - 2014-06-11 09:46 - 00592896 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-05-30 09:21 - 2014-06-11 09:46 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-05-30 09:16 - 2014-06-11 09:46 - 00368128 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-05-30 09:10 - 2014-06-11 09:46 - 00032256 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-05-30 09:06 - 2014-06-11 09:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-05-30 09:05 - 2014-05-30 09:05 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{3EA1CD7E-AA02-48C2-B958-52A624A8FEBC} 2014-05-30 09:04 - 2014-06-11 09:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-05-30 09:02 - 2014-06-11 09:46 - 00242688 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-05-30 08:57 - 2014-06-11 09:46 - 00595968 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-05-30 08:56 - 2014-06-11 09:46 - 04244992 _____ (Microsoft 
Corporation) C:\Windows\System32\jscript9.dll 2014-05-30 08:54 - 2014-06-11 09:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-05-30 08:50 - 2014-06-11 09:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-05-30 08:49 - 2014-06-11 09:46 - 01964544 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-05-30 08:40 - 2014-06-11 09:46 - 11725312 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-05-30 08:21 - 2014-06-11 09:46 - 01790976 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-05-30 08:15 - 2014-06-11 09:46 - 01143296 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-05-30 08:13 - 2014-06-11 09:46 - 00704512 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-05-29 21:05 - 2014-05-29 21:04 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{B1AFE183-B4DF-43A2-8479-3E5659FD1B58} 2014-05-29 09:04 - 2014-05-29 09:04 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{909A47B9-00BC-4B4B-9F1F-34C171C977F1} 2014-05-28 21:04 - 2014-05-28 21:03 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{BF653932-CFD1-4439-96AE-9FE3A956A9D9} 2014-05-28 09:03 - 2014-05-28 09:03 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{C011CBAE-F6AD-45E0-BC09-650DC9EA2CF6} 2014-05-27 21:03 - 2014-05-27 21:02 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{7F7E0437-438E-4B24-BDE1-3BA257AEC41E} 2014-05-27 11:11 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\System32\NDF 2014-05-27 09:02 - 2014-05-27 09:01 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{684F4627-B49E-4255-A08D-57644D93086A} 2014-05-26 21:01 - 2014-05-26 21:00 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{2D761EBE-AE54-44B6-94D3-D0CD76E152F0} 2014-05-26 09:00 - 2014-05-26 09:00 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{E21FF5F2-33EB-499E-97D1-997277DB3ED5} 2014-05-25 20:59 - 2014-05-25 20:59 - 00000000 ____D () 
C:\Users\gebruiker\AppData\Local\{90970A7D-D6C2-4678-99B1-5832292A242D}
2014-05-25 08:59 - 2014-05-25 08:58 - 00000000 ____D () C:\Users\gebruiker\AppData\Local\{ABA80785-0DC6-465C-9554-90E45C921864}

Files to move or delete:
====================
C:\Users\gebruiker\AppData\Roaming\cache.ini
C:\Users\gebruiker\AppData\Roaming\settings.ini

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2014-06-24 14:26] - [2011-02-25 09:19] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 2046.18 MB
Available physical RAM: 1366.67 MB
Total Pagefile: 2046.18 MB
Available Pagefile: 1516.33 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.66 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:149.05 GB) (Free:24.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:14.83 GB) (Free:14.81 GB) FAT32
Drive f: (Vroegere schijf) (Fixed) (Total:465.66 GB) (Free:192.21 GB) NTFS
Drive k: (Herstelschijf Windows 7 32-bits) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF
Drive l: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:341.83 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9E659E65)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: E7B0E7B0)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 15 GB) (Disk ID: F92F9851)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

========================================================
Disk: 7 (Size: 1863 GB) (Disk ID: C0159C0E)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)

LastRegBack: 2014-06-10 10:04

==================== End Of Log ============================