Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My computer is infected [Closed]


  • This topic is locked This topic is locked

#1
Birdo123

Birdo123

    New Member

  • Member
  • Pip
  • 1 posts

Hello, when I boot my PC there comes a popup that "bstack.dll" is missing. And when I try to execute something 'expand.exe' won't be recognized.

How can I fix this problem?

 

I've scanned my PC with FRST and here are the results of FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by Beheerder (administrator) on BWPC05 on 26-06-2015 10:48:46
Running from C:\Users\Beheerder\Desktop
Loaded Profiles: Beheerder (Available Profiles: Beheerder)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\System32\x886Mbgnd.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\Advanced Monitoring Agent\managedav\SBAMSvc.exe
() C:\Program Files (x86)\Advanced Monitoring Agent\systray\SysTray.exe
(Managed Antivirus) C:\Program Files (x86)\Advanced Monitoring Agent\managedav\SBAMTray.exe
() C:\Windows\System32\xrxbeacn.exe
() C:\Windows\System32\xnetsrvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
(Atmel) C:\Program Files (x86)\Atmel\Atmel Studio 6.1\atmelstudio.exe
(Atmel Corporation) C:\Program Files (x86)\Atmel\Atmel Studio 6.1\atbackend\atbackend.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-17] (Realtek Semiconductor)
HKLM\...\Run: [XeroxBackgroundTask] => C:\Windows\system32\x886Mbgnd.exe [99328 2007-09-17] ()
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe [9549808 2015-06-24] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AdvancedMonitoringSysTray] => C:\Program Files (x86)\Advanced Monitoring Agent\systray\Launcher.exe [292352 2015-01-07] ()
HKLM-x32\...\Run: [SBAMTray] => C:\Program Files (x86)\Advanced Monitoring Agent\managedav\SBAMTray.exe [3232152 2013-05-28] (Managed Antivirus)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\Run: [BluetoothManager] => rundll32.exe "%appdata%\Microsoft\bstack.dll",bs_init
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_134_ActiveX.exe [962224 2015-04-10] (Adobe Systems Incorporated)
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\Policies\Explorer: [Run] "C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe"
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\MountPoints2: {c5fffd91-e35d-11df-98b7-806e6f6e6963} - E:\start.exe
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\Command Processor: "C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe" <===== ATTENTION!
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\whal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-11-28]
ShortcutTarget: Dropbox.lnk -> C:\Users\Beheerder\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2563555894-2037824764-3050542833-1000 -> DefaultScope {0EA634A0-6D19-403F-B899-599527031914} URL = http://www.google.nl...&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2563555894-2037824764-3050542833-1000 -> {0EA634A0-6D19-403F-B899-599527031914} URL = http://www.google.nl...&q={searchTerms}
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1106\6.6.1077\TmIEPlg.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems Incorporated)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1106\6.6.1077\TmIEPlg32.dll No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-01] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {00134F72-5284-44F7-95A8-52A619F70752} https://192.168.25.2...ll/WinNTChk.cab
DPF: HKLM-x32 {9BBB3919-F518-4D06-8209-299FC243FC44} https://192.168.25.2...root/AtxEnc.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1106\6.6.1077\TmIEPlg32.dll No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Client Server Security Agent\UIFramework\ProToolbarIMRatingActiveX.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.25.250 172.29.13.34

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll [2013-02-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll [2013-02-08] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-04-01] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1106\6.6.1077\firefoxextension

Chrome:
=======
StartMenuInternet: Google Chrome.C6UX4YPK5QO5XDSZTBC4BS4OEY - C:\Users\rbenard\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8429056 2015-04-16] (Remote Monitoring) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe [716664 2015-06-24] ()
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SBAMSvc; C:\Program Files (x86)\Advanced Monitoring Agent\managedav\SBAMSvc.exe [3681016 2013-05-28] (ThreatTrack Security, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 XnetSrvc; C:\Windows\system32\xnetsrvc.exe [177152 2007-05-23] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2015-01-06] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2015-01-06] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2015-01-06] (BitDefender)
R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2015-01-06] (BitDefender LLC)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-03-11] (GFI Software)
R3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [155912 2015-01-22] (BitDefender LLC)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [267776 2013-05-12] (Jungo Connectivity)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-26 10:42 - 2015-06-26 10:42 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\Lavasoft
2015-06-26 10:40 - 2015-06-26 10:40 - 00000000 _____ C:\Windows\system32\SBRC.dat
2015-06-26 10:37 - 2015-06-26 10:37 - 00000000 ____D C:\ProgramData\BitDefender
2015-06-26 10:30 - 2015-06-26 10:30 - 00002328 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-06-26 10:30 - 2015-06-26 10:30 - 00000017 _____ C:\ProgramData\adaware-installer-reboot-required.tmp
2015-06-26 10:30 - 2015-06-26 10:30 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\LavasoftStatistics
2015-06-26 10:30 - 2015-06-26 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-06-26 10:30 - 2015-01-06 13:47 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll
2015-06-26 10:30 - 2015-01-06 13:47 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll
2015-06-26 10:30 - 2015-01-06 13:47 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll
2015-06-26 10:30 - 2015-01-06 13:47 - 00156936 _____ C:\Windows\system32\bdfwcore.dll
2015-06-26 10:30 - 2015-01-06 13:47 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll
2015-06-26 10:30 - 2015-01-06 13:47 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll
2015-06-26 10:30 - 2015-01-06 13:47 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll
2015-06-26 10:30 - 2015-01-06 13:37 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll
2015-06-26 10:29 - 2015-06-26 10:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-06-26 10:29 - 2015-06-26 10:29 - 00000000 ____D C:\Program Files\Lavasoft
2015-06-26 10:27 - 2015-06-26 10:27 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-06-26 10:25 - 2015-06-26 10:25 - 02057008 _____ C:\Users\Beheerder\Desktop\Adaware_Installer.exe
2015-06-26 10:25 - 2015-06-26 10:25 - 00000000 ____D C:\ProgramData\Lavasoft
2015-06-26 10:13 - 2015-06-26 10:14 - 00037934 _____ C:\Users\Beheerder\Desktop\Addition.txt
2015-06-26 10:12 - 2015-06-26 10:49 - 00012015 _____ C:\Users\Beheerder\Desktop\FRST.txt
2015-06-26 10:11 - 2015-06-26 10:48 - 00000000 ____D C:\FRST
2015-06-26 10:11 - 2015-06-26 10:11 - 02112512 _____ (Farbar) C:\Users\Beheerder\Desktop\FRST64.exe
2015-06-24 11:56 - 2015-06-24 11:56 - 00002119 _____ C:\Users\Public\Desktop\Atmel Studio 6.1.lnk
2015-06-24 11:28 - 2015-06-24 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atmel
2015-06-23 08:01 - 2015-06-23 08:01 - 00000000 ____D C:\Windows\system32\Řj
2015-06-17 07:59 - 2015-06-17 07:59 - 00000000 ____D C:\Windows\system32\Řȵ
2015-06-11 15:49 - 2015-06-11 15:50 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\Local Store
2015-06-11 10:14 - 2015-06-11 10:14 - 00347984 _____ C:\Windows\Minidump\061115-15693-01.dmp
2015-06-11 10:14 - 2015-06-11 10:14 - 00000000 ____D C:\Windows\Minidump
2015-06-11 08:54 - 2015-06-11 08:54 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVR-20100110
2015-06-11 08:53 - 2015-06-11 08:54 - 00000000 ____D C:\WinAVR-20100110
2015-06-10 08:18 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 08:18 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 08:18 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 08:18 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 08:18 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 08:18 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 08:18 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 08:18 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 08:18 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 08:18 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 08:18 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 08:18 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 08:18 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 08:18 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 08:18 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 08:18 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 08:18 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 08:18 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 08:18 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 08:18 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 08:18 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 08:18 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 08:18 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 08:18 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 08:18 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 08:18 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 08:18 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 08:18 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 08:18 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 08:18 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 08:18 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 08:18 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 08:18 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 08:18 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 08:18 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 08:18 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:18 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:18 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 08:18 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 08:18 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 08:18 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 08:18 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 08:18 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 08:18 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 08:18 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 08:18 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 08:18 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 08:18 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 08:18 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 08:18 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 08:18 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 08:18 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 08:18 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 08:18 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 08:18 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 08:18 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 08:18 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 08:18 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 08:18 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 08:18 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 08:18 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 08:18 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 08:18 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 08:18 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 08:18 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 08:18 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 08:18 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 08:18 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 08:18 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 08:18 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 08:18 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 08:18 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 08:18 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 08:18 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 08:18 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 08:18 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 08:18 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 08:18 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 08:18 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 08:18 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 08:18 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 08:18 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 08:18 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 08:18 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 08:18 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 08:18 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 08:18 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 08:18 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 08:18 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 08:18 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 08:18 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 08:18 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 08:18 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 08:18 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 08:18 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 08:18 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 08:18 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 08:18 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 08:18 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 08:18 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 08:18 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 08:18 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 08:18 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 08:18 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 08:18 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 08:18 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 08:18 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 08:18 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 08:18 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 08:18 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 08:18 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 08:18 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 08:18 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 08:18 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-05 07:59 - 2015-06-05 07:59 - 00000000 ____D C:\Windows\system32\ŘNJ
2015-06-03 13:22 - 2015-06-03 13:22 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bureau-accessoires
2015-06-03 08:02 - 2015-06-03 08:02 - 00000000 ____D C:\Users\Beheerder\AppData\Local\GWX
2015-06-02 17:09 - 2015-06-02 17:09 - 00000722 _____ C:\Windows\SysWOW64\ThreatDefinitionsConfig.xml
2015-05-27 08:05 - 2015-05-27 08:05 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\Arduino15
2015-05-27 08:05 - 2015-05-27 08:05 - 00000000 ____D C:\Users\Beheerder\.jssc
2015-05-27 08:00 - 2015-05-27 08:00 - 00000000 ____D C:\Windows\system32\ŘȎ

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-26 10:29 - 2009-07-14 06:51 - 00061921 _____ C:\Windows\setupact.log
2015-06-26 10:15 - 2009-07-14 06:45 - 00014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-26 10:15 - 2009-07-14 06:45 - 00014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-26 10:07 - 2015-03-12 17:49 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent
2015-06-26 10:01 - 2015-05-05 11:52 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\VisualAssistAtmel
2015-06-26 10:01 - 2015-05-05 11:52 - 00000000 ____D C:\Users\Beheerder\AppData\Local\VisualAssistAtmel
2015-06-26 09:55 - 2012-09-20 11:43 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3349364936-684848650-1449504243-1143UA.job
2015-06-26 09:18 - 2010-11-01 09:09 - 01088931 _____ C:\Windows\WindowsUpdate.log
2015-06-26 08:01 - 2013-02-28 10:18 - 00156668 _____ C:\xrxnetsrvc.log
2015-06-26 08:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-25 10:55 - 2012-09-20 11:43 - 00001022 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3349364936-684848650-1449504243-1143Core.job
2015-06-24 11:32 - 2015-05-05 09:40 - 00000000 ____D C:\Program Files (x86)\Atmel
2015-06-24 11:28 - 2010-11-01 09:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-24 11:27 - 2013-02-08 10:55 - 00018832 _____ C:\Windows\DPINST.LOG
2015-06-23 13:22 - 2010-10-30 01:08 - 00746276 _____ C:\Windows\system32\perfh013.dat
2015-06-23 13:22 - 2010-10-30 01:08 - 00153482 _____ C:\Windows\system32\perfc013.dat
2015-06-23 13:22 - 2009-07-14 07:13 - 01672058 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-12 12:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 08:17 - 2015-05-07 10:27 - 00000000 ____D C:\WinAVR-20090313
2015-06-11 08:03 - 2015-03-10 09:10 - 00000000 __SHD C:\Users\Beheerder\AppData\Local\EmieUserList
2015-06-11 08:03 - 2015-03-10 09:10 - 00000000 __SHD C:\Users\Beheerder\AppData\Local\EmieSiteList
2015-06-11 08:03 - 2015-03-10 09:10 - 00000000 __SHD C:\Users\Beheerder\AppData\Local\EmieBrowserModeList
2015-06-11 08:02 - 2011-06-15 16:22 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-11 08:02 - 2009-07-14 06:45 - 00299792 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 08:00 - 2015-02-07 15:22 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-11 08:00 - 2015-02-07 15:22 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 07:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 17:10 - 2011-06-15 14:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-27 08:05 - 2015-05-06 16:05 - 00000000 ____D C:\Users\Beheerder\Documents\Arduino
2015-05-27 08:05 - 2010-11-01 09:10 - 00000000 ____D C:\Users\Beheerder

==================== Files in the root of some directories =======

2015-06-26 10:30 - 2015-06-26 10:30 - 0000017 _____ () C:\ProgramData\adaware-installer-reboot-required.tmp

Some files in TEMP:
====================
C:\Users\administrator\AppData\Local\Temp\AskSLib.dll
C:\Users\administrator\AppData\Local\Temp\converter.exe
C:\Users\administrator\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe
C:\Users\rbenard\AppData\Local\Temp\AdbeRdr1010_nl_NL.exe
C:\Users\rbenard\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\rbenard\AppData\Local\Temp\gtbcheck.exe
C:\Users\rbenard\AppData\Local\Temp\install_reader10_nl_gtba_aih.exe
C:\Users\rbenard\AppData\Local\Temp\_is5560.exe
C:\Users\rbenard\AppData\Local\Temp\_isBBEE.exe
C:\Users\whal\AppData\Local\Temp\EU_nl_Avery_AW40.exe
C:\Users\whal\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\whal\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\whal\AppData\Local\Temp\i4jdel0.exe
C:\Users\whal\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\whal\AppData\Local\Temp\install_flashplayer11x32_mssd_aih_1.exe
C:\Users\whal\AppData\Local\Temp\install_flashplayer11x32_mssd_aih_2.exe
C:\Users\whal\AppData\Local\Temp\JavaIC.dll
C:\Users\whal\AppData\Local\Temp\msscct32.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-23 08:58

==================== End of log ============================

 

 

 

And here the results of Addition.txt:

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Beheerder at 2015-06-26 10:49:50
Running from C:\Users\Beheerder\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2563555894-2037824764-3050542833-500 - Administrator - Disabled)
Beheerder (S-1-5-21-2563555894-2037824764-3050542833-1000 - Administrator - Enabled) => C:\Users\Beheerder
Gast (S-1-5-21-2563555894-2037824764-3050542833-501 - Limited - Disabled)
install (S-1-5-21-2563555894-2037824764-3050542833-1003 - Administrator - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Managed Antivirus Managed Antivirus (Enabled - Up to date) {FFE93D16-FD09-0282-C7D3-8B1731B6A051}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Managed Antivirus Managed Antivirus (Enabled - Up to date) {4488DCF2-DB33-0D0C-FD63-B0654A31EAEC}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.9 - Hewlett-Packard) Hidden
Ad-Aware Antivirus (HKLM\...\{A041066D-37EF-46FC-9DF7-465A07F1C5CF}_AdAwareUpdater) (Version: 11.7.485.8398 - Lavasoft)
AdAwareInstaller (Version: 11.7.485.8398 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.7.485.8398 - Lavasoft) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.149 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Advanced LAN Scanner v1.0 BETA 1 (HKLM-x32\...\Advanced LAN Scanner v1.0 BETA 1) (Version:  - )
Advanced Monitoring Agent GP (HKLM-x32\...\Advanced Monitoring Agent GP) (Version: 1.0.0 - Remote Monitoring Services)
Advanced Monitoring Agent GP (x32 Version: 1.0 - InstallAware Software Corporation) Hidden
Advanced Monitoring Agent GP (x32 Version: 1.0.0 - Remote Monitoring Services) Hidden
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.3171.0 - Lavasoft) Hidden
Atmel ARM GNU Toolchain (HKLM-x32\...\{2FD611C3-3CB4-4270-A707-599534207327}) (Version: 4.7.3.1029 - Atmel)
Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{6C145A91-14F2-4135-88CD-A9ADC2D20769}) (Version: 3.4.2.1002 - Atmel)
Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{27BF4D30-8C2D-4C9E-934B-B20CC2C56A4F}) (Version: 3.4.2.1002 - Atmel)
Atmel Studio 6.1 (HKLM-x32\...\{71D5A296-D77E-4BC5-BB75-12AD20001A61}) (Version: 6.1.2730 - Atmel)
Atmel USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 11.5 - Atmel)
AtmelSoftwareFramework (HKLM-x32\...\{12B00B9E-5C2C-48CB-B79A-10BA40E87198}) (Version: 3.8.900 - Atmel)
AvcEngine (Version: 3.10.7820.0 - Lavasoft) Hidden
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
AVR macro Assembler (HKLM-x32\...\{9BD4DB0C-954E-4098-AFC1-7B1A23B4A7FD}) (Version: 2.1.39.1005 - Atmel)
Brother MFL-Pro Suite MFC-9440CN (HKLM-x32\...\{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
EAGLE 6.1.0 (HKLM-x32\...\EAGLE 6.1.0) (Version: 6.1.0 - CadSoft Computer GmbH)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
FlukeView Power Quality Analyzer 3 (HKLM-x32\...\{786FB8FC-F686-45A9-8691-A57BE6798F63}) (Version:  - )
Installatie Xerox Phaser 8510_8560-scanner ongedaan maken (HKLM\...\Xerox_Scan_Utility) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Java™ 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle)
JLink OB CDC Driver Package (HKLM\...\{85153CE3-6356-407F-A672-C1FA085FB031}) (Version: 1.2.2 - SEGGER)
Managed Antivirus (HKLM-x32\...\{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}) (Version: 6.2.5528 - GFI Software)
Managed Antivirus (x32 Version: 6.2.5528 - GFI Software) Hidden
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.30319 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
Power Log 3.4 (HKLM-x32\...\Power Log) (Version: 3.4 - Fluke Corporation)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
SmartView 3.2 (HKLM-x32\...\{F7481131-3D39-4BB2-A339-1807EDD56B33}) (Version: 3.2 - Fluke)
Stuurprogrammapakket voor Windows - Segger (jlink) USB  (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)
Stuurprogrammapakket voor Windows - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (HKLM\...\Microsoft .NET Framework 4 Client Profile NLD Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Trend Micro Worry-Free Business Security Agent (x32 Version: 1.0.0 - Trend Micro Incorporated) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_STANDARD_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_STANDARD_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_STANDARD_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)
WinAVR 20090313 (remove only) (HKLM-x32\...\WinAVR-20090313) (Version: 20090313 - )
WinAVR 20100110 (remove only) (HKLM-x32\...\WinAVR-20100110) (Version: 20100110 - )
Windows Driver Package - Fluke (WinUSB) Thermal Imager  (08/21/2011 1.0.1) (HKLM\...\B5657FC7A1FBE007CD962905D131D1CA759A45D4) (Version: 08/21/2011 1.0.1 - Fluke)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

26-06-2015 08:58:44 Gepland controlepunt
26-06-2015 10:25:40 AA11

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B4DF7B4-3453-4CC4-8074-A56285CA497A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3349364936-684848650-1449504243-1143UA => C:\Users\rbenard\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-20] (Google Inc.)
Task: {29DE3CD9-CF7F-49C5-A17B-7FB229B1FFF8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {3704AD1C-4DF6-41B8-B975-6CC5ED376F70} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-5d => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {3E2CCE4E-C5E3-460D-8A3F-7943B8994179} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-01] (Microsoft Corporation)
Task: {5DDD7F5D-9323-461D-8120-C811B70D4B2C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {BE6764E3-B0FB-42C5-AF52-8098F18DE870} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {C8EB71E0-7D43-4522-8514-975228B4CC31} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {E09F4C5E-8E30-49ED-87AC-EF24D464C06D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {EB619492-02FE-4E9E-962A-5FCD60F34BC5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3349364936-684848650-1449504243-1143Core => C:\Users\rbenard\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-20] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3349364936-684848650-1449504243-1143Core.job => C:\Users\rbenard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3349364936-684848650-1449504243-1143UA.job => C:\Users\rbenard\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-02-28 10:10 - 2009-11-05 09:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2012-12-12 15:30 - 2005-04-22 14:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2012-12-12 15:11 - 2007-07-03 10:29 - 00327680 _____ () C:\Windows\system32\xiputil.dll
2012-12-12 15:11 - 2007-07-03 10:29 - 00396800 _____ () C:\Windows\system32\xipinterp.dll
2012-12-12 15:11 - 2007-07-03 10:29 - 00175104 _____ () C:\Windows\system32\xesup.dll
2012-12-12 15:11 - 2007-07-03 10:29 - 01589760 _____ () C:\Windows\system32\xeext.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 02790408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareShellExtension.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 03480032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\RCF.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00122904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_filesystem-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00025616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_system-vc120-mt-1_58.dll
2012-12-12 15:11 - 2007-09-17 14:04 - 00099328 _____ () C:\Windows\System32\x886Mbgnd.exe
2012-12-12 15:11 - 2007-06-21 13:59 - 00038912 _____ () C:\Windows\system32\xrxbcnps.dll
2015-03-13 08:57 - 2015-01-07 02:03 - 00292352 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\systray\SysTray.exe
2012-12-12 15:12 - 2007-09-28 15:31 - 00261632 _____ () C:\Windows\system32\xrxbeacn.exe
2012-12-12 15:11 - 2007-05-23 16:13 - 00037888 _____ () C:\Windows\system32\xnetsrvcps.dll
2012-12-12 15:11 - 2007-05-23 16:13 - 00177152 _____ () C:\Windows\system32\xnetsrvc.exe
2015-06-24 19:18 - 2015-06-24 19:18 - 09549808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe
2015-06-24 19:18 - 2015-06-24 19:18 - 00056856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_date_time-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00107536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_thread-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_chrono-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00492048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_locale-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 02266104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\HtmlFramework.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00868360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTrayDefaultSkin.dll
2015-06-24 19:14 - 2015-06-24 19:14 - 00716664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
2015-06-24 19:18 - 2015-06-24 19:18 - 12893184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareServiceKernel.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00911376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_regex-vc120-mt-1_58.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00709120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareActivation.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00474128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareApplicationUpdater.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00847360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareGamingMode.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00100848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareReset.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00122864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTime.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01010704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareDefinitionsUpdater.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00905248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareDefinitionsUpdaterScheduler.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01146368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareIgnoreList.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00243200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareQuarantine.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 01050120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAntiMalwareEngine.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00205832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAntiRootkitEngine.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01210376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareScannerHistory.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01337336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareScanner.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00035856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_timer-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01018888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareScannerScheduler.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01174544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareRealTimeProtection.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00244224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareIncompatibles.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00933368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAntiSpam.dll
2015-06-24 19:17 - 2015-06-24 19:17 - 00883200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAntiPhishing.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 03263496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareParentalControl.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 02984960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareWebProtection.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01324040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareEmailProtection.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00059416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_iostreams-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01312264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareNetworkProtection.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01013744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwarePromo.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00365560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareFeedback.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 02958352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareThreatWorkAlliance.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01261560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwarePinCode.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01014264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareNotice.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01002488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareAvcEngine.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 01222168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareRealTimeProtectionHistory.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00468992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareStatistics.dll
2015-06-26 10:30 - 2015-01-06 13:47 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2015-06-26 10:37 - 2015-06-26 10:37 - 00789856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpbr.mdl
2015-06-26 10:37 - 2015-06-26 10:37 - 00710016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpdsp.mdl
2015-06-26 10:37 - 2015-06-26 10:37 - 02683008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttpph.mdl
2015-06-26 10:37 - 2015-06-26 10:37 - 01325480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc2\ashttprbl.mdl
2012-06-18 12:24 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-03-13 09:12 - 2015-04-23 23:03 - 00184184 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\managedav\Definitions\libBase64.dll
2015-03-13 09:12 - 2015-04-23 23:03 - 00175992 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\managedav\Definitions\libMachoUniv.dll
2009-02-27 19:11 - 2009-02-27 19:11 - 01691648 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.NLD
2009-02-27 14:13 - 2009-02-27 14:13 - 00319488 _____ () C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.NLD
2009-10-03 02:46 - 2009-10-03 02:46 - 00012288 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.NLD
2009-10-03 02:48 - 2009-10-03 02:48 - 00106496 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.NLD
2013-07-10 19:07 - 2013-07-10 19:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2012-01-03 23:51 - 2012-01-03 23:51 - 07561216 _____ () c:\program files (x86)\adobe\reader 9.0\reader\rdlang32.nld
2012-01-03 22:58 - 2012-01-03 22:58 - 01044480 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\PPKLite.NLD
2009-02-27 19:11 - 2009-02-27 19:11 - 00987136 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm.NLD
2009-02-27 19:11 - 2009-02-27 19:11 - 00270336 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\DigSig.NLD
2007-11-16 17:02 - 2007-11-16 17:02 - 00401408 ____R () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.dll
2007-11-16 17:02 - 2007-11-16 17:02 - 00479232 ____R () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll
2009-02-27 13:52 - 2009-02-27 13:52 - 00258048 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll
2012-01-03 22:58 - 2012-01-03 22:58 - 00049152 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\weblink.NLD
2015-06-24 11:28 - 2013-08-07 08:10 - 00008192 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\AVRSplash.dll
2015-06-24 11:28 - 2013-08-07 08:10 - 00018944 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\1033\AvrStudioui.dll
2015-06-24 11:29 - 2015-06-24 11:29 - 00074752 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\Extensions\Whole Tomato Software\Visual Assist X for Atmel Studio\10.7.1930.2\1033\VaPkgUI.dll
2015-06-24 11:29 - 2015-06-24 11:29 - 00327168 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\Extensions\Whole Tomato Software\Visual Assist X for Atmel Studio\10.7.1930.2\VaPkg.dll
2013-07-31 13:13 - 2013-07-31 13:13 - 00175104 _____ () C:\Program Files (x86)\Atmel\Atmel Software Framework\3.11.0.792\GitWrapper.dll
2015-06-24 11:29 - 2015-06-24 11:29 - 00117248 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\extensions\Whole Tomato Software\Visual Assist X for Atmel Studio\10.7.1930.2\VAX.Interop.dll
2015-06-24 11:34 - 2013-08-06 14:40 - 01220608 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\atbackend\PocoFoundation.dll
2015-06-24 11:34 - 2013-08-06 14:40 - 00297472 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\atbackend\PocoUtil.dll
2015-06-24 11:34 - 2013-08-06 14:40 - 00540672 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\atbackend\PocoXML.dll
2015-06-24 11:34 - 2013-08-06 14:40 - 00404992 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\atbackend\PocoOSP.dll
2015-06-24 11:34 - 2013-08-06 14:40 - 00230400 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\atbackend\PocoZip.dll
2015-06-24 11:34 - 2013-08-06 14:40 - 04197888 _____ () C:\Program Files (x86)\Atmel\Atmel Studio 6.1\atbackend\LlvmDisassembler.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.25.250 - 172.29.13.34

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{A312AA1A-EB60-4B04-9687-76A99617C191}C:\program files (x86)\microsoft office\office12\excel.exe] => (Allow) C:\program files (x86)\microsoft office\office12\excel.exe
FirewallRules: [UDP Query User{B5BCA34F-181D-4218-8F53-14DE8E7EA3DD}C:\program files (x86)\microsoft office\office12\excel.exe] => (Allow) C:\program files (x86)\microsoft office\office12\excel.exe
FirewallRules: [TCP Query User{DA2BA6DA-9F76-475E-AE62-0C82FD923E02}C:\program files (x86)\microsoft office\office12\winword.exe] => (Allow) C:\program files (x86)\microsoft office\office12\winword.exe
FirewallRules: [UDP Query User{03F0E461-824E-4C78-BB44-B544F4288671}C:\program files (x86)\microsoft office\office12\winword.exe] => (Allow) C:\program files (x86)\microsoft office\office12\winword.exe
FirewallRules: [TCP Query User{60A41193-3C15-4418-AE76-291C14E59D40}C:\program files (x86)\adobe\reader 9.0\reader\acrord32.exe] => (Block) C:\program files (x86)\adobe\reader 9.0\reader\acrord32.exe
FirewallRules: [UDP Query User{FE50BF7A-5265-4669-9069-7A300D7D43AF}C:\program files (x86)\adobe\reader 9.0\reader\acrord32.exe] => (Block) C:\program files (x86)\adobe\reader 9.0\reader\acrord32.exe
FirewallRules: [TCP Query User{6E1887B5-BB45-479B-B8E0-B6884BC6E2B9}C:\program files (x86)\brother\controlcenter3\brccmctl.exe] => (Allow) C:\program files (x86)\brother\controlcenter3\brccmctl.exe
FirewallRules: [UDP Query User{64051260-BBA9-4D87-BA15-6E39CA9B33FD}C:\program files (x86)\brother\controlcenter3\brccmctl.exe] => (Allow) C:\program files (x86)\brother\controlcenter3\brccmctl.exe
FirewallRules: [{74C9FAD9-D2AE-45E9-ADB4-DBB21DF36893}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe
FirewallRules: [{FCE07B17-F83B-4A45-AD8C-77606798B3E4}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe
FirewallRules: [{88EC9E6F-CF75-4840-8863-27BE8438D691}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{EEEA9458-8BE3-46CD-8041-D8AAAF680BF1}E:\windows utilities\installer64\installationmanager.exe] => (Allow) E:\windows utilities\installer64\installationmanager.exe
FirewallRules: [UDP Query User{F539FAE6-97C6-4585-8685-53E4472D5578}E:\windows utilities\installer64\installationmanager.exe] => (Allow) E:\windows utilities\installer64\installationmanager.exe
FirewallRules: [{93D93A04-0955-44C7-BFD0-E521FF6EC7BC}] => (Allow) C:\Windows\System32\xnetsrvc.exe
FirewallRules: [{8411C7B3-515E-437A-9BB5-0FF7D3B819F1}] => (Allow) C:\Windows\System32\xnetsrvc.exe
FirewallRules: [{69376F49-476B-4FE8-A254-DEE951D63975}] => (Allow) C:\Windows\System32\xnetsrvc.exe
FirewallRules: [{0F76D22E-522A-4C49-B710-E12063A5A66E}] => (Allow) C:\Windows\System32\xnetsrvc.exe
FirewallRules: [{69278924-736F-448B-AC27-E5683FB21B79}] => (Allow) C:\Program Files (x86)\Advanced Monitoring Agent\managedav\SBAMSvc.exe
FirewallRules: [{7BCE6A3D-CA95-42C3-838C-BA8BC3859BEF}] => (Allow) C:\Program Files (x86)\Advanced Monitoring Agent\managedav\SBAMSvc.exe
FirewallRules: [{E057ACFD-839E-428C-A4C2-AE16303F6807}] => (Allow) C:\Program Files (x86)\Advanced Monitoring Agent\managedav\SBAMSvc.exe
FirewallRules: [{1ED8C86B-128D-4263-A31D-BF08C27C299A}] => (Allow) C:\Program Files (x86)\Advanced Monitoring Agent\managedav\SBAMSvc.exe
FirewallRules: [TCP Query User{324C82A7-D3C9-454B-B0F5-A1D6A09AF836}C:\program files (x86)\atmel\atmel studio 6.1\atmelstudio.exe] => (Block) C:\program files (x86)\atmel\atmel studio 6.1\atmelstudio.exe
FirewallRules: [UDP Query User{DA9E57BC-534E-44C7-905F-9EBFDCEDE848}C:\program files (x86)\atmel\atmel studio 6.1\atmelstudio.exe] => (Block) C:\program files (x86)\atmel\atmel studio 6.1\atmelstudio.exe
FirewallRules: [{31370E4F-E395-4D20-A2FD-313CE0CA7399}] => (Allow) C:\Windows\System32\xnetsrvc.exe
FirewallRules: [{309A8968-1C68-4FFD-AB7A-7C3FBE018538}] => (Allow) C:\Windows\System32\xnetsrvc.exe
FirewallRules: [TCP Query User{E3E079E7-B3AD-4203-907D-15F0104BD733}F:\cloneme\c\rens\school\arduino\arduino-1.5.8\java\bin\javaw.exe] => (Block) F:\cloneme\c\rens\school\arduino\arduino-1.5.8\java\bin\javaw.exe
FirewallRules: [UDP Query User{399DDD4A-F896-43D2-A68E-6D664D073BD1}F:\cloneme\c\rens\school\arduino\arduino-1.5.8\java\bin\javaw.exe] => (Block) F:\cloneme\c\rens\school\arduino\arduino-1.5.8\java\bin\javaw.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2015 02:52:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: eagle.exe, versie: 0.0.0.0, tijdstempel: 0x4f0ed34c
Naam van module met fout: eagle.exe, versie: 0.0.0.0, tijdstempel: 0x4f0ed34c
Uitzonderingscode: 0xc0000005
Foutoffset: 0x000d472a
Id van proces met fout: 0xf4c
Starttijd van toepassing met fout: 0xeagle.exe0
Pad naar toepassing met fout: eagle.exe1
Pad naar module met fout: eagle.exe2
Rapport-id: eagle.exe3

Error: (06/18/2015 00:03:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: eagle.exe, versie: 0.0.0.0, tijdstempel: 0x4f0ed34c
Naam van module met fout: eagle.exe, versie: 0.0.0.0, tijdstempel: 0x4f0ed34c
Uitzonderingscode: 0xc0000005
Foutoffset: 0x000d472a
Id van proces met fout: 0x864
Starttijd van toepassing met fout: 0xeagle.exe0
Pad naar toepassing met fout: eagle.exe1
Pad naar module met fout: eagle.exe2
Rapport-id: eagle.exe3

Error: (06/11/2015 09:48:34 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Geen toegang tot bestand  om een van de volgende redenen:
Er is een probleem met de netwerkverbinding, met de schijf waarop het bestand is opgeslagen,
met de opslagstuurprogramma's op deze computer, of de schijf ontbreekt.
Programma javaw.exe werd afgesloten vanwege deze fout.

Programma: javaw.exe
Bestand:

De foutwaarde wordt weergegeven in de sectie Extra gegevens.
Gebruikersactie
1. Open het bestand opnieuw.
Mogelijk is dit een tijdelijk probleem dat vanzelf wordt opgelost als het programma opnieuw wordt uitgevoerd.
2.
Als toegang tot het bestand nog steeds niet mogelijk is en
 - Als het bestand zich in het netwerk bevindt,
dient de netwerkbeheerder te controleren of er geen probleem met het netwerk is en dat verbinding met de server kan
worden gemaakt.
 - Als het bestand zich op een verwisselbare schijf bevindt, zoals een diskette of cd-rom, dient u te controleren
of deze schijf correct in het schijfstation is geplaatst.
3. Controleer en repareer het bestandssysteem met CHKDSK. Klik hiervoor op Start, Uitvoeren en typ CMD. Klik OK en typ CHKDSK /F op de opdrachtprompt. Druk vervolgens op ENTER.
4. Als het probleem blijft bestaan, dient u het bestand terug te zetten via een back-upmedium.
5. Bepaal of andere bestanden op dezelfde schijf kunnen worden geopend. Als dit niet zo is, is de schijf beschadigd. Als het een harde schijf is, neemt u contact op met de netwerkbeheerder of hardwareleverancier voor ondersteuning.

Aanvullende gegevens
Foutwaarde: C000026E
Type schijf: 0

Error: (06/11/2015 09:48:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: javaw.exe, versie: 0.0.0.0, tijdstempel: 0x4a73483d
Naam van module met fout: jvm.dll, versie: 0.0.0.0, tijdstempel: 0x4a737ccf
Uitzonderingscode: 0xc0000006
Foutoffset: 0x001e5200
Id van proces met fout: 0x84c
Starttijd van toepassing met fout: 0xjavaw.exe0
Pad naar toepassing met fout: javaw.exe1
Pad naar module met fout: javaw.exe2
Rapport-id: javaw.exe3

Error: (06/11/2015 09:48:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: javaw.exe, versie: 0.0.0.0, tijdstempel: 0x521c3bf4
Naam van module met fout: msvcr100.dll, versie: 0.0.0.0, tijdstempel: 0x4ba1dbbe
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00014f47
Id van proces met fout: 0x17a4
Starttijd van toepassing met fout: 0xjavaw.exe0
Pad naar toepassing met fout: javaw.exe1
Pad naar module met fout: javaw.exe2
Rapport-id: javaw.exe3

Error: (06/11/2015 09:48:31 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Geen toegang tot bestand  om een van de volgende redenen:
Er is een probleem met de netwerkverbinding, met de schijf waarop het bestand is opgeslagen,
met de opslagstuurprogramma's op deze computer, of de schijf ontbreekt.
Programma javaw.exe werd afgesloten vanwege deze fout.

Programma: javaw.exe
Bestand:

De foutwaarde wordt weergegeven in de sectie Extra gegevens.
Gebruikersactie
1. Open het bestand opnieuw.
Mogelijk is dit een tijdelijk probleem dat vanzelf wordt opgelost als het programma opnieuw wordt uitgevoerd.
2.
Als toegang tot het bestand nog steeds niet mogelijk is en
 - Als het bestand zich in het netwerk bevindt,
dient de netwerkbeheerder te controleren of er geen probleem met het netwerk is en dat verbinding met de server kan
worden gemaakt.
 - Als het bestand zich op een verwisselbare schijf bevindt, zoals een diskette of cd-rom, dient u te controleren
of deze schijf correct in het schijfstation is geplaatst.
3. Controleer en repareer het bestandssysteem met CHKDSK. Klik hiervoor op Start, Uitvoeren en typ CMD. Klik OK en typ CHKDSK /F op de opdrachtprompt. Druk vervolgens op ENTER.
4. Als het probleem blijft bestaan, dient u het bestand terug te zetten via een back-upmedium.
5. Bepaal of andere bestanden op dezelfde schijf kunnen worden geopend. Als dit niet zo is, is de schijf beschadigd. Als het een harde schijf is, neemt u contact op met de netwerkbeheerder of hardwareleverancier voor ondersteuning.

Aanvullende gegevens
Foutwaarde: C000026E
Type schijf: 0

Error: (06/11/2015 09:48:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: javaw.exe, versie: 0.0.0.0, tijdstempel: 0x4a73483d
Naam van module met fout: jvm.dll, versie: 0.0.0.0, tijdstempel: 0x4a737ccf
Uitzonderingscode: 0xc0000006
Foutoffset: 0x001e5200
Id van proces met fout: 0x1188
Starttijd van toepassing met fout: 0xjavaw.exe0
Pad naar toepassing met fout: javaw.exe1
Pad naar module met fout: javaw.exe2
Rapport-id: javaw.exe3

Error: (06/11/2015 08:47:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: avrdude.exe, versie: 0.0.0.0, tijdstempel: 0x49bb23f2
Naam van module met fout: avrdude.exe, versie: 0.0.0.0, tijdstempel: 0x49bb23f2
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00014da0
Id van proces met fout: 0x14cc
Starttijd van toepassing met fout: 0xavrdude.exe0
Pad naar toepassing met fout: avrdude.exe1
Pad naar module met fout: avrdude.exe2
Rapport-id: avrdude.exe3

Error: (06/10/2015 04:04:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: avrdude.exe, versie: 0.0.0.0, tijdstempel: 0x49bb23f2
Naam van module met fout: avrdude.exe, versie: 0.0.0.0, tijdstempel: 0x49bb23f2
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00014da0
Id van proces met fout: 0x1448
Starttijd van toepassing met fout: 0xavrdude.exe0
Pad naar toepassing met fout: avrdude.exe1
Pad naar module met fout: avrdude.exe2
Rapport-id: avrdude.exe3

Error: (06/10/2015 11:57:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma javaw.exe, versie 7.0.400.43 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.

Proces-id: 1378

Starttijd: 01d0a363877379a9

Eindtijd: 18

Toepassingspad: F:\CloneMe\C\Rens\School\Arduino\arduino-1.5.8\java\bin\javaw.exe

Rapport-id: edbce43a-0f56-11e5-ae0d-8c89a513a0f1

System errors:
=============
Error: (06/26/2015 10:32:39 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: De Browser-service heeft te vaak de reservelijst op transport \Device\NetBT_Tcpip_{3F2D78A3-2626-4418-81C9-65B44BFABFFC} niet kunnen ophalen.
De reservebrowser is gestopt.

Error: (06/26/2015 09:56:44 AM) (Source: Disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1.

Error: (06/25/2015 09:18:50 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.

Error: (06/25/2015 09:05:41 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.

Error: (06/24/2015 09:25:39 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.

Error: (06/23/2015 04:35:16 PM) (Source: Disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR2.

Error: (06/23/2015 01:29:31 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.

Error: (06/23/2015 01:20:13 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.

Error: (06/18/2015 08:38:37 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.

Error: (06/16/2015 04:35:10 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is gegenereerd: 40. De interne foutstatus is 252.

Microsoft Office:
=========================
Error: (04/02/2013 02:09:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5200 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (03/21/2013 06:58:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 66 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (03/12/2013 00:14:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 536 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (01/24/2013 08:32:08 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/24/2013 08:31:57 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1557 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (01/16/2013 05:22:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/03/2012 04:53:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 265 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/14/2012 04:06:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 81 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (08/13/2012 01:51:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 8351 seconds with 780 seconds of active time.  This session ended with a crash.

Error: (10/10/2011 08:10:20 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 34 seconds with 0 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2013-02-08 09:52:59.237
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\l3codeca.acm kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2013-02-08 08:45:24.057
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\l3codeca.acm kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 91%
Total physical RAM: 3767.11 MB
Available physical RAM: 336.7 MB
Total Pagefile: 7532.43 MB
Available Pagefile: 3818.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Systeem) (Fixed) (Total:62.44 GB) (Free:10.35 GB) NTFS
Drive d: (Data) (Fixed) (Total:235.58 GB) (Free:233.16 GB) NTFS
Drive f: (BackupDisk) (Fixed) (Total:698.54 GB) (Free:349.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 8E760A6D)
Partition 1: (Active) - (Size=71 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=62.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=235.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End of log ============================

 

Kind regards,

 

Birdo123

 

 


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know what problems remain on completion of this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\Run: [BluetoothManager] => rundll32.exe "%appdata%\Microsoft\bstack.dll",bs_init
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\Policies\Explorer: [Run] "C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe"
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\MountPoints2: {c5fffd91-e35d-11df-98b7-806e6f6e6963} - E:\start.exe
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\...\Command Processor: "C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe" <===== ATTENTION!
HKU\S-1-5-21-2563555894-2037824764-3050542833-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\IEUpdate\expand.exe
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1106\6.6.1077\TmIEPlg.dll No File
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1106\6.6.1077\TmIEPlg32.dll No File
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1106\6.6.1077\TmIEPlg32.dll No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Client Server Security Agent\UIFramework\ProToolbarIMRatingActiveX.dll No File
C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\IEUpdate
%appdata%\Microsoft\bstack.dll
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP