Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2017
Ran by Tim (18-02-2017 10:34:37)
Running from C:\Users\Tim\Desktop
Microsoft Windows 8.1 met Bing (X86) (2016-03-09 12:25:24)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-1556124094-4218111898-1118812907-500 - Administrator - Disabled)
Gast (S-1-5-21-1556124094-4218111898-1118812907-501 - Limited - Disabled)
Tim (S-1-5-21-1556124094-4218111898-1118812907-1001 - Administrator - Enabled) => C:\Users\Tim

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: FortiClient AntiVirus (Enabled - Up to date) {71629DC5-BE6F-CCD3-C5A5-014980643264}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: FortiClient AntiVirus (Enabled - Up to date) {CA037C21-9855-C35D-FF15-3A3BFBE378D9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.14 (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
ASUS Live Update (HKLM\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.02.0001 - ASUS)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.93.103.4 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Finale NotePad 2012 (HKLM\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
FortiClient (HKLM\...\{B5E0B33F-91D4-408B-BE40-46BCA75F3914}) (Version: 5.4.0.0780 - Fortinet Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 2540 series Basissoftware van het apparaat (HKLM\...\{2DAFEEDC-792D-4F00-A854-C4F2AD2A2A73}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM\...\{50467ECF-F6A9-40EC-A649-67EB6FAD9894}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM\...\{2C355CC7-B163-4A89-8970-6C7B60FDA88A}) (Version: 12.5.32.203 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
inSSIDer Home (HKLM\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes Anti-Malware versie 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Productverbeteringsonderzoek voor HP Deskjet 2540 series (HKLM\...\{C9340C9F-E64D-4705-8C4D-6C191E530A7B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 6.2.9600.4192 - Realtek Semiconductor Corp.)
Skype™ 7.32 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Security (HKLM\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-1556124094-4218111898-1118812907-1001\...\WinDirStat) (Version: - )
Windows-stuurprogrammapakket - ASUS (AsusHID) Mouse (02/11/2015 3.0.0.45) (HKLM\...\A552D97B1B8FC58219CD2CF1374B13186F1FE6F0) (Version: 02/11/2015 3.0.0.45 - ASUS)
WinFlash (HKLM\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinHTTrack Website Copier 3.48-22 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)

==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1556124094-4218111898-1118812907-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-1556124094-4218111898-1118812907-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-1556124094-4218111898-1118812907-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1556124094-4218111898-1118812907-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll => No File

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00BF703C-828F-475D-A6F3-B30EA29C0A58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {4A6EA789-C3FE-4D4F-9668-469C78E45C09} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {4C96F785-60EF-4E4F-A78A-786948B84B54} - System32\Tasks\GoogleUpdateTaskMachineUA1d17a17da5d69ff => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {553F14DF-EEE4-4BC7-B084-9DC9CC660F87} - System32\Tasks\Update Checker => C:\Program Files\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {6FE97451-73E2-48BB-A492-0E81D9945AEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {8376A16A-E897-446E-8A66-FBE85D0126DF} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLauncher.exe [2015-08-17] (AsusTek)
Task: {8C38D76A-91B2-4498-8FA6-349885A6250D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files\ASUS\Splendid\ACMON.exe [2014-06-03] (ASUS)
Task: {99C95E1C-8CFC-408C-9314-E863597E4B5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-09] (Google Inc.)
Task: {9FF19096-4A42-4520-94B8-55783CD66E23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {A0CB0AFA-6E7C-42EE-9219-DE8C2C098451} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {B2E7F00B-BB26-4065-B1DB-F184FF65B073} - System32\Tasks\ASUS Live Update1 => C:\Program Files\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B52E8B5A-810C-4320-A0E3-A1FBD6F56945} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {EAE83D03-C342-47BF-AD5C-6A23C44C7649} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {EDFC9097-63BD-46DE-A623-E8C8AD8E67A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {F4A46B36-D3DB-41E6-83EC-FB7A75EB7EBF} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2015-10-06 11:08 - 2015-10-06 11:08 - 00552978 _____ () C:\Program Files\Fortinet\FortiClient\sqlite3.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00117248 _____ () C:\Program Files\ASUS\Splendid\CCTAdjust.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00037936 _____ () C:\Program Files\ASUS\Splendid\DetectDisplayDC.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00018992 _____ () C:\Program Files\ASUS\Splendid\AMDColorEnhance.dll
2014-06-03 21:01 - 2014-06-03 21:01 - 00020528 _____ () C:\Program Files\ASUS\Splendid\AMDRegammaAndGamut.dll
2016-03-09 16:11 - 2004-07-26 17:11 - 00028672 ____N () C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2017-02-07 20:34 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 20:34 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1556124094-4218111898-1118812907-1001\Control Panel\Desktop\\Wallpaper -> C:\ONTWIKKELINGEN\[ 3D ZAKEN ]\~ MECHANISCHE ELEKTRONICA ~\LAPTOP\Featured-Image-Palazzo-Versace.jpg
DNS Servers: 84.116.46.20 - 84.116.46.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6DE25E97-2325-48BB-8C66-365A01D765E4}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiProxy.exe
FirewallRules: [{25DDB58A-9B0A-4C2A-BFDF-CCE0FBFB573C}] => (Allow) C:\Program Files\Fortinet\FortiClient\ipsec.exe
FirewallRules: [{74AD9D60-0851-4DF1-9C70-ED7BD0C4B21E}] => (Allow) C:\Program Files\Fortinet\FortiClient\FortiWad.exe
FirewallRules: [{AC234BFC-0570-405E-9C91-51D04D2F750B}] => (Allow) C:\Program Files\Fortinet\FortiClient\fortiesnac.exe
FirewallRules: [TCP Query User{37E39FEA-EC6E-41B7-9920-9E11FD966208}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{8EB7679A-A0D9-4CBB-8AEB-00A319CC768F}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{657E7A52-860A-4ACB-9843-E7AC58E4E6C6}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{311CE309-019B-4FCE-BCD0-4FA2E80F9004}] => (Allow) LPort=5357
FirewallRules: [{21C50817-0081-4BCA-B561-D0FD84715818}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{32DDBDEC-4A30-456E-B37D-666104C88D70}] => (Allow) C:\Program Files\Zoiper\Zoiper.exe
FirewallRules: [{5306E44F-AF42-4FA3-B257-365AB7225578}] => (Allow) C:\Program Files\Zoiper\Zoiper.exe
FirewallRules: [TCP Query User{15444C82-2920-4429-BA93-84E8F5011D1E}C:\program files\microsip\microsip.exe] => (Allow) C:\program files\microsip\microsip.exe
FirewallRules: [UDP Query User{CC63526A-F7E8-4AFE-81D0-08B39AA95A34}C:\program files\microsip\microsip.exe] => (Allow) C:\program files\microsip\microsip.exe
FirewallRules: [TCP Query User{5ABEE03A-0EEA-4414-95F4-A58B05E7C28A}C:\program files\jitsi\jitsi.exe] => (Allow) C:\program files\jitsi\jitsi.exe
FirewallRules: [UDP Query User{17ADF414-F6DE-47AB-9329-CFDB8EA942FF}C:\program files\jitsi\jitsi.exe] => (Allow) C:\program files\jitsi\jitsi.exe
FirewallRules: [{C3E14F7B-D9D9-46F2-A76B-09071C630A3B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================
ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============
Name: USB2.0 VGA UVC WebCam
Description: USB-videoapparaat
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================
Application errors:
==================
System errors:
=============

==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU Z3735F @ 1.33GHz
Percentage of memory in use: 55%
Total physical RAM: 1976.89 MB
Available physical RAM: 873.66 MB
Total Virtual: 4024.89 MB
Available Virtual: 2817.77 MB

==================== Drives ================================
Drive c: (OS) (Fixed) (Total:20.9 GB) (Free:4.13 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: 7A5C92A5)
Partition: GPT.

==================== End of Addition.txt ============================