W7 Bad Performance [Closed]


  • This topic is locked

#1
tvbrux


Hi All,

 

I'm experiencing some issues on my work computer, since I recently installed a faulty program. I was looking for a reference manager but instead managed to install something different. However, I don't know what it was called, but it was some kind of 'smartsearch' and more of those names popped up in my program list.

 

I'm not used to working on Windows (Mac/Ubuntu preferably) so that's why I'm asking for your help.

 

At the beginning I was experiencing a lot of ads and hyperlinks in text in the browser. Fortunately I got rid of that, through CCleaner and Malwarebytes. However, ever since, my PC performs sluggishly and has frozen on me about once each week (hard reset needed).

So the symptoms are:

  • Bad performance
  • Freezing

It's important that I have a stable workstation, because we are going to deliver online interaction with our clients via our communication portals and IT can only be here in about one week, so if I can do anything myself, I'd be happy to.

 

Beneath you will find the logs as required:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Moderator1 (administrator) on ADMIN-PC on 07-07-2015 10:18:38
Running from C:\Users\Moderator1\Desktop
Loaded Profiles: Moderator1 (Available Profiles: Admin & Moderator1)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Spotify Ltd) C:\Users\Moderator1\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Spotify Ltd) C:\Users\Moderator1\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Moderator1\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Ilinqu) C:\Program Files (x86)\Ilinqu-4.0.0.0\Ilinqu.exe
(Spotify Ltd) C:\Users\Moderator1\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Moderator1\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [796696 2009-07-24] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [570152 2014-08-14] (Acronis)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112408 2012-04-12] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5306776 2014-11-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [603904 2014-10-17] (Acronis International GmbH)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [gmsd_nl_282] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\...\Run: [Spotify Web Helper] => C:\Users\Moderator1\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030648 2015-07-01] (Spotify Ltd)
HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Productregistratie.lnk [2015-04-24]
ShortcutTarget: Logitech . Productregistratie.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1434016526&from=xtab&uid=2605121F48134cf3859B86CB1C4A1E28
HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/nl-nl/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22] (Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-06] (Microsoft Corporation)
Hosts: 127.0.0.1       WMUC373454.europe.bmw.corp # LMS GENERATED LINE
Tcpip\Parameters: [DhcpNameServer] 83.167.223.110 217.119.0.250
Tcpip\..\Interfaces\{2FCA41DB-CAC2-4FBE-A47A-36A76DDD6E9A}: [DhcpNameServer] 83.167.223.110 217.119.0.250
Tcpip\..\Interfaces\{45D59E93-9EAE-421A-BE1C-69552F275269}: [DhcpNameServer] 212.54.44.54 212.54.40.25
Tcpip\..\Interfaces\{89BEB703-6EC1-46FF-A7CA-12B5DBF7A974}: [DhcpNameServer] 123.123.123.1
Tcpip\..\Interfaces\{D703A940-CA8F-49FD-89E6-963C178B727F}: [DhcpNameServer] 123.123.123.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Moderator1\AppData\Roaming\Mozilla\Firefox\Profiles\p1qkllx7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-07] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1274637062-1119044021-2617467697-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Moderator1\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-25] (Citrix Online)
FF Extension: Download YouTube Videos as MP4 - C:\Users\Moderator1\AppData\Roaming\Mozilla\Firefox\Profiles\p1qkllx7.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-04-14]
 
Chrome: 
=======
CHR Profile: C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-24]
CHR Extension: (Google Docs) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-24]
CHR Extension: (Google Drive) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-24]
CHR Extension: (YouTube) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24]
CHR Extension: (Google Search) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24]
CHR Extension: (Gmail Offline) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-04-21]
CHR Extension: (Zotero Connector) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-04-21]
CHR Extension: (Google Sheets) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-24]
CHR Extension: (Cloud Internet Explorer by Ericom) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gahjiajfldfkbglaegkndeccohnpcoce [2015-04-21]
CHR Extension: (AdBlock) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-21]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-04-21]
CHR Extension: (Dropbox) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-04-21]
CHR Extension: (MM,CM,Inch Converter) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjnaaookfddliinooieblhekhaadnemh [2015-04-21]
CHR Extension: (Hangouts call) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbpgddbgniojgndnhlkjbkpknjhppkbk [2015-04-21]
CHR Extension: (Hangouts) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-04-21]
CHR Extension: (Currency Converter) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg [2015-04-21]
CHR Extension: (Google Maps) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-04-21]
CHR Extension: (iBOOD hunt) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbhmefekjhdnodhbifmgeaibgghngcb [2015-04-21]
CHR Extension: (Google Wallet) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR Extension: (Deezer) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh [2015-04-21]
CHR Extension: (Gmail) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24]
CHR Profile: C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-21]
CHR Extension: (Google Docs) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-21]
CHR Extension: (Google Drive) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-21]
CHR Extension: (YouTube) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-21]
CHR Extension: (Google Search) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-21]
CHR Extension: (Google Sheets) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-21]
CHR Extension: (Google Wallet) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-21]
CHR Extension: (Gmail) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
CHR Profile: C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-18]
CHR Extension: (Google Docs) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-18]
CHR Extension: (Google Drive) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-18]
CHR Extension: (YouTube) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-18]
CHR Extension: (Google Search) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-18]
CHR Extension: (Google Sheets) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-18]
CHR Extension: (Google Wallet) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-18]
CHR Extension: (Gmail) - C:\Users\Moderator1\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-18]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 HPSLPSVC; C:\Users\Moderator1\AppData\Local\Temp\7zS2D75\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2692296 2015-02-04] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 mailUpdate; C:\ProgramData\MailUpdate\mailUpdate.exe -service [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-04-20] (Acronis International GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2015-04-20] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2015-04-20] (Acronis International GmbH)
S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-07 10:07 - 2015-07-07 10:07 - 00038006 _____ C:\Users\Moderator1\Desktop\Addition.txt
2015-07-07 10:06 - 2015-07-07 10:18 - 00022738 _____ C:\Users\Moderator1\Desktop\FRST.txt
2015-07-07 10:04 - 2015-07-07 10:18 - 00000000 ____D C:\FRST
2015-07-07 10:03 - 2015-07-07 10:03 - 02112512 _____ (Farbar) C:\Users\Moderator1\Desktop\FRST64.exe
2015-07-03 15:39 - 2015-07-03 15:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-03 15:39 - 2015-07-03 15:39 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-03 15:39 - 2015-07-03 15:39 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-03 15:39 - 2015-07-03 15:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 14:50 - 2015-07-03 14:50 - 00242752 _____ C:\Users\Moderator1\Downloads\Firefox Setup Stub 39.0.exe
2015-06-30 16:57 - 2015-06-30 16:59 - 00001486 _____ C:\Users\Moderator1\Desktop\Ilinqu - Snelkoppeling.lnk
2015-06-30 13:21 - 2015-06-30 13:21 - 00000000 ____D C:\Program Files (x86)\Ilinqu-4.0.0.0
2015-06-26 13:45 - 2015-06-26 13:45 - 00292840 _____ C:\Windows\Minidump\062615-28485-01.dmp
2015-06-26 12:31 - 2015-06-26 12:31 - 00000000 ____D C:\Users\Moderator1\AppData\OICE_15_974FA576_32C1D314_34B
2015-06-26 12:26 - 2015-06-26 12:27 - 00000000 ____D C:\Users\Moderator1\AppData\OICE_15_974FA576_32C1D314_2A0C
2015-06-26 11:14 - 2015-06-26 11:14 - 00005524 _____ C:\Windows\PFRO.log
2015-06-25 10:05 - 2015-07-07 09:25 - 00000592 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1274637062-1119044021-2617467697-1001.job
2015-06-25 10:05 - 2015-07-03 16:23 - 00000688 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1274637062-1119044021-2617467697-1001.job
2015-06-25 10:05 - 2015-06-25 10:05 - 00003724 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1274637062-1119044021-2617467697-1001
2015-06-25 10:05 - 2015-06-25 10:05 - 00003628 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1274637062-1119044021-2617467697-1001
2015-06-25 10:05 - 2015-06-25 10:05 - 00000000 ____D C:\Users\Moderator1\AppData\Local\Citrix
2015-06-24 13:38 - 2015-06-24 13:38 - 18174128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-23 12:08 - 2015-06-23 15:28 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-06-23 12:06 - 2015-06-24 13:02 - 00000000 ____D C:\Program Files\Bonjour
2015-06-23 12:06 - 2015-06-24 13:02 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-06-23 12:06 - 2015-06-23 12:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-19 09:07 - 2015-06-26 13:45 - 434836387 _____ C:\Windows\MEMORY.DMP
2015-06-19 09:07 - 2015-06-19 09:07 - 00292888 _____ C:\Windows\Minidump\061915-20857-01.dmp
2015-06-19 08:03 - 2015-07-07 08:41 - 00001456 _____ C:\Windows\setupact.log
2015-06-19 08:03 - 2015-06-19 08:03 - 00000000 _____ C:\Windows\setuperr.log
2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\UniversityOfHamburg
2015-06-15 17:37 - 2015-06-15 17:37 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2015-06-15 17:36 - 2015-06-15 17:36 - 00000000 ____D C:\Program Files (x86)\University Of Hamburg
2015-06-15 09:53 - 2015-06-17 09:36 - 00000000 ___SD C:\Users\Moderator1\Documents\Mijn gegevensbronnen
2015-06-11 13:51 - 2015-06-15 09:13 - 00000000 ____D C:\Users\Moderator1\Documents\Add-in Express
2015-06-11 13:48 - 2015-07-07 09:53 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-11 13:48 - 2015-07-07 08:42 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-11 13:48 - 2015-06-24 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-11 13:48 - 2015-06-11 13:48 - 00004060 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-11 13:48 - 2015-06-11 13:48 - 00003808 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-11 13:39 - 2015-06-11 13:40 - 06420480 _____ C:\Program Files (x86)\GUT7CCF.tmp
2015-06-11 13:39 - 2015-06-11 13:39 - 00000000 ____D C:\Program Files (x86)\GUM7CCE.tmp
2015-06-11 13:38 - 2015-06-11 13:40 - 06420480 _____ C:\Program Files (x86)\GUT5F31.tmp
2015-06-11 13:38 - 2015-06-11 13:38 - 00000000 ____D C:\Program Files (x86)\GUM5F30.tmp
2015-06-11 12:55 - 2015-06-11 12:55 - 00000000 ____D C:\Users\Moderator1\AppData\Local\TempTaskUpdateDetection556C362C-BBB6-4A3D-A919-0F142BEFF911
2015-06-11 11:42 - 2015-07-07 08:42 - 00000340 _____ C:\Windows\Tasks\QNBKJTVHX1.job
2015-06-11 11:42 - 2015-06-11 11:42 - 00002862 _____ C:\Windows\System32\Tasks\QNBKJTVHX1
2015-06-11 11:17 - 2015-06-11 12:16 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-11 11:17 - 2015-06-11 11:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-11 11:17 - 2015-06-11 11:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-11 11:17 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-11 11:17 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-11 11:17 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-11 11:14 - 2015-06-11 11:14 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ADMIN-PC-Windows-7-Professional-(64-bit).dat
2015-06-11 11:14 - 2015-06-11 11:14 - 00000000 ____D C:\RegBackup
2015-06-11 11:03 - 2015-06-11 12:09 - 00000000 ____D C:\AdwCleaner
2015-06-11 10:21 - 2015-06-11 10:21 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\AVG
2015-06-11 10:20 - 2015-06-11 10:20 - 00000000 ____D C:\Program Files (x86)\AVG
2015-06-11 10:18 - 2015-06-11 10:22 - 00000000 ____D C:\ProgramData\AVG
2015-06-11 10:18 - 2015-06-11 10:18 - 00000000 ____D C:\Users\Moderator1\AppData\Local\Avg
2015-06-11 09:49 - 2015-06-11 12:32 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-06-11 09:20 - 2015-06-11 09:20 - 00002800 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-06-11 09:20 - 2015-06-11 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-11 09:20 - 2015-06-11 09:20 - 00000000 ____D C:\Program Files\CCleaner
2015-06-11 09:11 - 2015-06-11 09:11 - 00000000 _____ C:\Users\Moderator1\AppData\Local\Temp.dat
2015-06-11 09:06 - 2015-06-11 09:06 - 00003168 _____ C:\Windows\System32\Tasks\{F0AD6319-3387-456E-B352-10F700E1F51D}
2015-06-11 09:05 - 2015-06-11 09:48 - 00000000 ____D C:\Program Files (x86)\HTTPS Everywhere
2015-06-10 16:09 - 2015-06-10 16:09 - 00000000 _____ C:\autoexec.bat
2015-06-10 16:08 - 2015-06-10 16:08 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-06-10 11:24 - 2015-06-10 11:24 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-10 11:20 - 2015-06-10 11:20 - 00105078 _____ C:\Users\Moderator1\Documents\cc_20150610_112023.reg
2015-06-10 10:06 - 2015-06-11 09:49 - 00026768 _____ C:\Windows\system32\.crusader
2015-06-10 09:47 - 2015-06-10 10:07 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-10 09:42 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 09:42 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 09:42 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 09:42 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 09:42 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 09:42 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 09:42 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 09:42 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 09:42 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 09:42 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 09:42 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 09:42 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 09:42 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 09:42 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 09:42 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 09:42 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 09:42 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 09:42 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 09:42 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 09:42 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 09:42 - 2015-05-09 05:27 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 09:42 - 2015-05-09 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 09:42 - 2015-05-09 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 09:42 - 2015-05-09 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 09:42 - 2015-05-09 05:26 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 09:42 - 2015-05-09 05:26 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 09:42 - 2015-05-09 05:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 09:42 - 2015-05-09 05:25 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 09:42 - 2015-05-09 05:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 09:42 - 2015-05-09 05:13 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 09:42 - 2015-05-09 05:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 09:42 - 2015-05-09 05:12 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 09:42 - 2015-05-09 05:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 04:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 09:42 - 2015-05-09 04:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 09:42 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 09:42 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 09:42 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 09:42 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 09:42 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 09:42 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 09:42 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 09:42 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 09:42 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 09:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 09:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 09:42 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 09:42 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 09:42 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 09:41 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 09:41 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 09:41 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 09:41 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 09:41 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 09:41 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 09:41 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 09:41 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 09:41 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 09:41 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 09:41 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 09:41 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 09:41 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 09:41 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 09:41 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 09:41 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 09:41 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 09:41 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 09:41 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 09:41 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 09:41 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 09:41 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 09:41 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 09:41 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 09:41 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 09:41 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 09:41 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 09:41 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 09:41 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 09:41 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 09:41 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 09:41 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 09:41 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 09:41 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 09:41 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 09:41 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 09:41 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 09:41 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 09:41 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 09:41 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 09:41 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 09:25 - 2015-06-10 09:25 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-10 09:24 - 2015-06-10 09:24 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\NVIDIA
2015-06-10 09:23 - 2015-06-10 09:23 - 00000000 _____ C:\Windows\prleth.sys
2015-06-10 09:23 - 2015-06-10 09:23 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-10 09:12 - 2015-06-10 09:12 - 00000468 __RSH C:\ProgramData\ntuser.pol
2015-06-10 09:12 - 2014-03-20 17:36 - 00000889 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-10 09:11 - 2015-06-11 09:12 - 00000000 ____D C:\ProgramData\TomorrowGames
2015-06-10 08:59 - 2015-06-10 08:59 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\WinRAR
2015-06-08 16:23 - 2015-06-08 16:23 - 02323656 _____ C:\Users\Moderator1\Downloads\winrar-x64-520nl.exe
2015-06-08 16:23 - 2015-06-08 16:23 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-08 16:23 - 2015-06-08 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-08 16:23 - 2015-06-08 16:23 - 00000000 ____D C:\Program Files\WinRAR
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-07 10:17 - 2015-04-07 09:12 - 00000000 ____D C:\Users\Moderator1\Documents\Outlook-bestanden
2015-07-07 10:10 - 2009-07-14 06:45 - 00026464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 10:10 - 2009-07-14 06:45 - 00026464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 10:05 - 2015-04-09 11:29 - 00000000 ____D C:\Users\Moderator1\Downloads\Installers
2015-07-07 09:52 - 2015-05-26 09:27 - 00007612 _____ C:\Users\Moderator1\AppData\Local\Resmon.ResmonCfg
2015-07-07 09:38 - 2015-06-03 08:53 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-07 09:27 - 2015-04-15 09:34 - 00000000 ____D C:\Users\Moderator1\AppData\Local\FlowBreeze3
2015-07-07 09:05 - 2013-09-03 07:31 - 01263733 _____ C:\Windows\WindowsUpdate.log
2015-07-07 09:02 - 2015-04-02 15:02 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\Spotify
2015-07-07 08:57 - 2015-04-02 15:02 - 00000000 ____D C:\Users\Moderator1\AppData\Local\Spotify
2015-07-07 08:54 - 2015-04-01 09:26 - 00000000 ____D C:\Users\Moderator1\AppData\Local\Adobe
2015-07-07 08:48 - 2015-06-03 08:53 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-07 08:48 - 2015-03-24 10:23 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-07 08:48 - 2015-03-24 10:23 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-07 08:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 14:48 - 2015-04-09 15:15 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\vlc
2015-06-30 16:56 - 2015-04-08 13:42 - 00000000 ____D C:\Users\Moderator1\Documents\Ilinqu
2015-06-30 13:22 - 2011-04-12 15:00 - 00745020 _____ C:\Windows\system32\perfh013.dat
2015-06-30 13:22 - 2011-04-12 15:00 - 00152972 _____ C:\Windows\system32\perfc013.dat
2015-06-30 13:22 - 2009-07-14 07:13 - 01668596 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-30 10:21 - 2015-04-01 10:24 - 00000000 ____D C:\Users\Moderator1\Documents\Health8
2015-06-26 13:45 - 2015-04-24 02:02 - 00000000 ____D C:\Windows\Minidump
2015-06-25 09:01 - 2015-05-13 09:45 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 08:49 - 2015-03-30 09:59 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-24 13:02 - 2014-03-20 17:35 - 00000000 ____D C:\Users\Admin
2015-06-24 13:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-06-24 13:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-24 13:01 - 2015-04-15 14:23 - 00000000 ____D C:\ProgramData\Apple Computer
2015-06-24 13:01 - 2015-04-15 14:21 - 00000000 ____D C:\ProgramData\Apple
2015-06-24 12:22 - 2015-03-24 10:29 - 00000000 ____D C:\Users\Moderator1
2015-06-23 12:19 - 2015-04-16 08:46 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\Apple Computer
2015-06-23 12:09 - 2015-04-22 17:08 - 00000000 ____D C:\Users\Moderator1\AppData\Local\Apple Computer
2015-06-17 09:36 - 2011-04-12 15:10 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-06-15 11:09 - 2015-03-24 10:29 - 00000000 ____D C:\Users\Moderator1\AppData\Local\VirtualStore
2015-06-11 13:48 - 2013-09-03 07:53 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-11 13:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 12:09 - 2015-03-24 10:30 - 00000985 _____ C:\Users\Moderator1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-11 11:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2015-06-11 10:26 - 2015-04-23 17:44 - 00000000 ____D C:\Users\Moderator1\AppData\Local\Microsoft Help
2015-06-11 10:26 - 2013-09-03 08:27 - 00000000 ____D C:\Windows\Panther
2015-06-11 09:06 - 2015-06-02 16:14 - 00000000 ____D C:\Users\Moderator1\AppData\Roaming\DVDVideoSoft
2015-06-11 08:48 - 2009-07-14 04:34 - 00000505 _____ C:\Windows\win.ini
2015-06-10 11:16 - 2015-04-01 12:12 - 00000000 __SHD C:\Users\Moderator1\AppData\Local\EmieUserList
2015-06-10 11:16 - 2015-04-01 12:12 - 00000000 __SHD C:\Users\Moderator1\AppData\Local\EmieSiteList
2015-06-10 11:16 - 2015-04-01 12:12 - 00000000 __SHD C:\Users\Moderator1\AppData\Local\EmieBrowserModeList
2015-06-10 10:42 - 2009-07-14 06:45 - 00379240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 10:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 10:25 - 2013-09-03 08:55 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 10:18 - 2013-09-03 08:55 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 10:05 - 2013-09-03 07:56 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-10 09:12 - 2015-04-13 13:39 - 00000000 ____D C:\Users\Moderator1\AppData\Local\Deployment
2015-06-10 09:12 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
 
==================== Files in the root of some directories =======
 
2015-06-11 13:38 - 2015-06-11 13:40 - 6420480 _____ () C:\Program Files (x86)\GUT5F31.tmp
2015-06-11 13:39 - 2015-06-11 13:40 - 6420480 _____ () C:\Program Files (x86)\GUT7CCF.tmp
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Moderator1\AppData\Roaming\sUeBEV7GV9utHeN
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Moderator1\AppData\Roaming\VznvEgiFMm
2015-05-26 09:27 - 2015-07-07 09:52 - 0007612 _____ () C:\Users\Moderator1\AppData\Local\Resmon.ResmonCfg
2015-06-11 09:11 - 2015-06-11 09:11 - 0000000 _____ () C:\Users\Moderator1\AppData\Local\Temp.dat
2015-04-09 11:35 - 2015-04-09 11:35 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\qc_e3f0f3ef_27e6_4ca8_8a7c_a3d761aa54bb_64.exe
C:\Users\Moderator1\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Moderator1\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Moderator1\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Moderator1\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Moderator1\AppData\Local\Temp\TUUUninstallHelper.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-03 10:14
 
==================== End of log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Moderator1 at 2015-07-07 10:18:53
Running from C:\Users\Moderator1\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Admin (S-1-5-21-1274637062-1119044021-2617467697-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1274637062-1119044021-2617467697-500 - Administrator - Disabled)
Gast (S-1-5-21-1274637062-1119044021-2617467697-501 - Limited - Disabled)
Moderator1 (S-1-5-21-1274637062-1119044021-2617467697-1001 - Administrator - Enabled) => C:\Users\Moderator1
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acronis True Image 2015 (HKLM-x32\...\{9C48ED33-4A66-4299-B274-BD8110AB6EAA}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{8A16C63D-027A-4645-B394-C033665D0195}) (Version: 1.0.325 - Citrix)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.3.0.8536 - Thomson Reuters)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FastStone Capture 8.0 (HKLM-x32\...\FastStone Capture) (Version: 8.0 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToMeeting 7.2.0.2759 (HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\...\GoToMeeting) (Version: 7.2.0.2759 - CitrixOnline)
HP Officejet Pro 8620 Basissoftware van het apparaat (HKLM\...\{777F86BC-8222-43DB-A2E0-08866CCF77CD}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Ilinqu (HKLM-x32\...\{326DEAEF-0AF8-427E-B39C-FA7A2C39DC07}) (Version: 3.0.9 - Ilinqu)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Network Connections 17.2.154.0 (HKLM\...\PROSetDX) (Version: 17.2.154.0 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logitech-webcamsoftware (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Malwarebytes Anti-Malware versie 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2013 voor Thuisgebruik en Zelfstandigen - nl-nl (HKLM\...\HomeBusinessRetail - nl-nl) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 nl)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
NVIDIA Grafisch stuurprogramma 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.13.1 - NVIDIA Corporation)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - )
Spotify (HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1274637062-1119044021-2617467697-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Moderator1\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1274637062-1119044021-2617467697-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Moderator1\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1274637062-1119044021-2617467697-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Moderator1\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1274637062-1119044021-2617467697-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Moderator1\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1274637062-1119044021-2617467697-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Moderator1\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1274637062-1119044021-2617467697-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Moderator1\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
19-06-2015 09:19:57 Windows Update
23-06-2015 09:09:01 Windows Update
23-06-2015 12:07:32 Installed iTunes
23-06-2015 15:26:40 Removed iTunes
24-06-2015 12:33:06 Windows Update
29-06-2015 11:22:09 Windows Update
03-07-2015 10:41:55 Windows Update
07-07-2015 08:53:35 Windows Update
07-07-2015 09:24:17 AVG PC TuneUp 2015 is verwijderd
07-07-2015 09:25:50 AVG PC TuneUp 2015 (nl-NL) is verwijderd
07-07-2015 09:26:34 Removed FlowBreeze 3
07-07-2015 09:27:26 Removed Apple Software Update
07-07-2015 09:28:01 Removed Apple Application Support
07-07-2015 09:28:53 Removed LibreOffice 4.1.1.2
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2014-03-20 17:36 - 00000889 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       WMUC373454.europe.bmw.corp # LMS GENERATED LINE
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0A55B845-14A5-46B5-B08C-CFEC8A29FDAE} - System32\Tasks\QNBKJTVHX1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {16DF0F20-0D4E-4F59-929F-2D2E9C5A9123} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {431AC62C-3034-4AC6-819E-2D7EF616A94B} - System32\Tasks\G2MUpdateTask-S-1-5-21-1274637062-1119044021-2617467697-1001 => C:\Users\Moderator1\AppData\Local\Citrix\GoToMeeting\2759\g2mupdate.exe [2015-06-25] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {483B876E-0350-40D3-AF22-B18CEDCE0425} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {5300C9D4-DB43-42A6-9FAF-8DD816627083} - System32\Tasks\G2MUploadTask-S-1-5-21-1274637062-1119044021-2617467697-1001 => C:\Users\Moderator1\AppData\Local\Citrix\GoToMeeting\2759\g2mupload.exe [2015-06-25] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {5795E9A0-8361-49A3-8061-923E63F928D4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {69ECAD7C-7E6C-4B6A-971F-FFEF783DBBAE} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {91D6610A-7D6B-44D4-BB54-56E5EC17E3F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-11] (Google Inc.)
Task: {92ABBF2D-E91A-4A58-8D48-BF30B6702680} - System32\Tasks\{F0AD6319-3387-456E-B352-10F700E1F51D} => pcalua.exe -a C:\Users\Moderator1\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=face
Task: {B5B72C7D-2EB1-4C50-A0C3-D72DE972F470} - \avabvbavad No Task File <==== ATTENTION
Task: {C04DD3DC-1340-4CF8-84D7-C1CCE6D40FDE} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {E5E68C3D-342F-4DAB-ABCE-30FCBBB9060E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {EA7D5A3F-1706-41F7-96FD-09B9C118C30E} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {EB81D8F3-0811-455E-B431-EB22DDBE55B2} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {F1C0F2B9-22E1-4307-AA41-440A313ACC54} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {FA901CFC-2E51-4244-9113-681885C44282} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FBB16285-3EB5-4575-B091-720C764414F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-11] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1274637062-1119044021-2617467697-1001.job => C:\Users\Moderator1\AppData\Local\Citrix\GoToMeeting\2759\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1274637062-1119044021-2617467697-1001.job => C:\Users\Moderator1\AppData\Local\Citrix\GoToMeeting\2759\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\QNBKJTVHX1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-23 18:02 - 2015-02-04 05:56 - 02692296 _____ () C:\Windows\system32\nvwmi64.exe
2013-09-11 14:33 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-30 09:59 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll
2011-11-11 14:07 - 2011-11-11 14:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 12:19 - 2011-08-12 12:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-11-27 10:42 - 2014-11-27 10:42 - 00037696 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2011-12-12 15:44 - 2011-12-12 15:44 - 00336408 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-11-27 10:47 - 2014-11-27 10:47 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-11-27 10:44 - 2014-11-27 10:44 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2015-03-30 09:59 - 2015-05-06 12:06 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-04-02 15:02 - 2015-07-01 13:16 - 41287224 _____ () C:\Users\Moderator1\AppData\Roaming\Spotify\libcef.dll
2015-04-02 15:02 - 2015-07-01 13:16 - 01488440 _____ () C:\Users\Moderator1\AppData\Roaming\Spotify\libglesv2.dll
2015-04-02 15:02 - 2015-07-01 13:16 - 00079928 _____ () C:\Users\Moderator1\AppData\Roaming\Spotify\libegl.dll
2015-06-25 08:54 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-25 08:54 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-25 08:54 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
2014-09-09 10:00 - 2014-09-09 10:00 - 00023576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1274637062-1119044021-2617467697-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Moderator1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 83.167.223.110 - 217.119.0.250
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{28ADD725-0ADB-4829-9ED5-A84CD94B2086}] => (Allow) C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{38F1AABF-6918-4394-92A6-949D56B109B4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F05D63F7-BA54-447D-9DAA-CE399EC2B3AB}] => (Allow) LPort=2869
FirewallRules: [{B97576D2-50DB-4774-B069-4AA47EEDB59A}] => (Allow) LPort=1900
FirewallRules: [{D2963F98-950C-4E97-BCE6-35D01EEF0E96}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3A19773F-7635-4F34-AD8A-B089B1EFC705}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{4B1B37BC-BB11-4764-8245-B61559FD07C2}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{DA8DE41D-8FB9-4A1C-BFE4-2DD0A331B261}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{B9A356C6-8DC5-40F2-B719-FA926EEDC38E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{66CCE1C8-857B-4CE6-A16D-E8E8B74B4C15}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{A6832396-A1F2-4859-96D4-C15397726158}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{B130C34A-D068-408D-AE2A-F7215BB505FF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{94CEC8A7-D22D-4A92-BD01-CE92ABD7F5F6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{762B6555-3BB2-4DB5-864A-1EB6AD2885C6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{2F5BF575-D1C5-413A-B1E1-199C4143480C}C:\users\moderator1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moderator1\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2E47E119-6783-4E8D-98DC-B9404BA7876D}C:\users\moderator1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moderator1\appdata\roaming\spotify\spotify.exe
FirewallRules: [{111A00F3-26C3-4F26-8880-5606317A5EEF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{1A2D37FC-6872-4DB5-93DC-93688EB126AF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{48B7CD4F-ABD2-4218-88CC-E5E06A5FF921}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{6E87C911-CA1D-449C-AACE-DDCB837E864B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{FE39F1DF-BE94-4638-B524-656D776460D8}] => (Allow) LPort=5357
FirewallRules: [{4FD3F289-77FC-4F13-81D3-1C2B311BFB62}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{510DC99B-1D0A-47C8-8EE0-9CCC715FC8AB}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{2C9D0DAB-6C80-43DC-8B5E-0F702A943EF0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{50E31025-F845-48D1-AB32-E4830E30BD7E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{D2D6141D-FE07-43A7-BC66-51C471A18785}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{9EAF1BB4-D099-44B0-984E-CD893D0AD570}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{09FE1B80-4A68-4071-8FF2-D4B30CA07046}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20EC62E6-1E16-41FB-9937-58DBB95770CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
==================== Faulty Device Manager Devices =============
 
Name: HP Officejet Pro 8620
Description: HP Officejet Pro 8620
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Standaard-PS/2-toetsenbord
Description: Standaard-PS/2-toetsenbord
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (standaardtoetsenbord)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft PS/2-muis
Description: Microsoft PS/2-muis
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/07/2015 09:04:06 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1068) SUS20ClientDataStore: De versieopslag voor deze sessie (0) heeft de maximale grootte van 32 MB bereikt. Waarschijnlijk is een langdurige transactie er de oorzaak van dat de versieopslag niet kan worden opgeruimd en dat deze steeds groter wordt. Updates worden geweigerd totdat de langdurige transactie volledig is doorgevoerd of is teruggedraaid.
 
Mogelijke langdurige transactie:
 
Id van sessie: 0x00000000014404A0
 
Context van sessie: 0x00000000
 
Thread-id van sessiecontext: 0x00000000000011EC
 
Opruiming: 1
 
Error: (07/07/2015 08:52:48 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1068) SUS20ClientDataStore: De versieopslag voor deze sessie (0) heeft de maximale grootte van 32 MB bereikt. Waarschijnlijk is een langdurige transactie er de oorzaak van dat de versieopslag niet kan worden opgeruimd en dat deze steeds groter wordt. Updates worden geweigerd totdat de langdurige transactie volledig is doorgevoerd of is teruggedraaid.
 
Mogelijke langdurige transactie:
 
Id van sessie: 0x00000000014404A0
 
Context van sessie: 0x00000000
 
Thread-id van sessiecontext: 0x00000000000011EC
 
Opruiming: 1
 
Error: (07/07/2015 08:51:58 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1068) SUS20ClientDataStore: De versieopslag voor deze sessie (0) heeft de maximale grootte van 32 MB bereikt. Waarschijnlijk is een langdurige transactie er de oorzaak van dat de versieopslag niet kan worden opgeruimd en dat deze steeds groter wordt. Updates worden geweigerd totdat de langdurige transactie volledig is doorgevoerd of is teruggedraaid.
 
Mogelijke langdurige transactie:
 
Id van sessie: 0x00000000014404A0
 
Context van sessie: 0x00000000
 
Thread-id van sessiecontext: 0x00000000000011EC
 
Opruiming: 1
 
Error: (07/07/2015 08:47:00 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1068) SUS20ClientDataStore: De versieopslag voor deze sessie (0) heeft de maximale grootte van 32 MB bereikt. Waarschijnlijk is een langdurige transactie er de oorzaak van dat de versieopslag niet kan worden opgeruimd en dat deze steeds groter wordt. Updates worden geweigerd totdat de langdurige transactie volledig is doorgevoerd of is teruggedraaid.
 
Mogelijke langdurige transactie:
 
Id van sessie: 0x00000000014404A0
 
Context van sessie: 0x00000000
 
Thread-id van sessiecontext: 0x00000000000011EC
 
Opruiming: 1
 
Error: (07/07/2015 08:43:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/03/2015 10:44:53 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1080) SUS20ClientDataStore: De versieopslag voor deze sessie (0) heeft de maximale grootte van 32 MB bereikt. Waarschijnlijk is een langdurige transactie er de oorzaak van dat de versieopslag niet kan worden opgeruimd en dat deze steeds groter wordt. Updates worden geweigerd totdat de langdurige transactie volledig is doorgevoerd of is teruggedraaid.
 
Mogelijke langdurige transactie:
 
Id van sessie: 0x00000000012B04A0
 
Context van sessie: 0x00000000
 
Thread-id van sessiecontext: 0x0000000000001544
 
Opruiming: 1
 
Error: (07/03/2015 10:40:58 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1080) SUS20ClientDataStore: De versieopslag voor deze sessie (0) heeft de maximale grootte van 32 MB bereikt. Waarschijnlijk is een langdurige transactie er de oorzaak van dat de versieopslag niet kan worden opgeruimd en dat deze steeds groter wordt. Updates worden geweigerd totdat de langdurige transactie volledig is doorgevoerd of is teruggedraaid.
 
Mogelijke langdurige transactie:
 
Id van sessie: 0x00000000012B04A0
 
Context van sessie: 0x00000000
 
Thread-id van sessiecontext: 0x0000000000001544
 
Opruiming: 1
 
Error: (07/03/2015 10:38:55 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll (1080) SUS20ClientDataStore: De versieopslag voor deze sessie (0) heeft de maximale grootte van 32 MB bereikt. Waarschijnlijk is een langdurige transactie er de oorzaak van dat de versieopslag niet kan worden opgeruimd en dat deze steeds groter wordt. Updates worden geweigerd totdat de langdurige transactie volledig is doorgevoerd of is teruggedraaid.
 
Mogelijke langdurige transactie:
 
Id van sessie: 0x00000000012B04A0
 
Context van sessie: 0x00000000
 
Thread-id van sessiecontext: 0x0000000000001544
 
Opruiming: 1
 
Error: (07/03/2015 09:31:13 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (07/03/2015 09:29:39 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
 
System errors:
=============
Error: (07/07/2015 10:05:28 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 10:03:04 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 09:58:00 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 09:57:45 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 09:55:17 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 09:53:15 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 09:36:56 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 09:30:17 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 09:25:12 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: De naam ADMIN-PC       :0 kan niet op de interface met het IP-adres 192.168.1.140 worden geregistreerd.
De computer met het IP-adres 192.168.1.106 staat niet toe dat deze naam door deze computer
wordt gebruikt.
 
Error: (07/07/2015 08:42:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (via LRPC)
 
 
Microsoft Office:
=========================
Error: (07/07/2015 09:04:06 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll1068SUS20ClientDataStore: 0320x00000000014404A00x000000000x00000000000011EC1
 
Error: (07/07/2015 08:52:48 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll1068SUS20ClientDataStore: 0320x00000000014404A00x000000000x00000000000011EC1
 
Error: (07/07/2015 08:51:58 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll1068SUS20ClientDataStore: 0320x00000000014404A00x000000000x00000000000011EC1
 
Error: (07/07/2015 08:47:00 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll1068SUS20ClientDataStore: 0320x00000000014404A00x000000000x00000000000011EC1
 
Error: (07/07/2015 08:43:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/03/2015 10:44:53 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll1080SUS20ClientDataStore: 0320x00000000012B04A00x000000000x00000000000015441
 
Error: (07/03/2015 10:40:58 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll1080SUS20ClientDataStore: 0320x00000000012B04A00x000000000x00000000000015441
 
Error: (07/03/2015 10:38:55 AM) (Source: ESENT) (EventID: 623) (User: )
Description: wuaueng.dll1080SUS20ClientDataStore: 0320x00000000012B04A00x000000000x00000000000015441
 
Error: (07/03/2015 09:31:13 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
Error: (07/03/2015 09:29:39 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-07-03 10:17:45.556
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-03 10:17:45.525
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-03 10:17:45.494
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-03 10:17:45.462
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-03 10:17:45.357
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-03 10:17:45.326
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-03 10:17:45.294
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-03 10:17:45.248
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-02 10:44:21.317
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
  Date: 2015-07-02 10:44:21.270
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 73%
Total physical RAM: 4054.04 MB
Available physical RAM: 1063.14 MB
Total Virtual: 8106.28 MB
Available Virtual: 4213.48 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:231.98 GB) (Free:169.22 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: ED40EDCB)
Partition 1: (Active) - (Size=868 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
 
==================== End of log ============================
 
Many thanks in advance

  • 0


#2
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,155 posts

Hello tvbrux, and Welcome! :welcome:

My name is Dan, and I'll be helping you with your issues. If someone else is helping you, either here or at another malware removal assistance site, please let me know so that I may direct my efforts to helping another user.  The Staff at Geeks To Go are ALL volunteers; please keep that in mind if I don’t answer your post as quickly as you’d like. I give what time I can.  PLEASE be patient. ;)

I am currently in training, so there will be another person reviewing my work.  This may cause a bit of a delay in my responses, but on the positive side, you will have two sets of eyes reviewing your logs instead of one... :cool:
 

  • Please note that you should have Administrator rights to perform any fixes.
     
  • Before we proceed, you may wish to print instructions for easy reference during the fix.  Please be aware that many of the required URLs are hyperlinks in the blue names shown on your screen. Part of the fix may require you to be in Safe Mode, which might not allow you to access the internet, or my instructions.
     
  • Please understand that malware removal is a complicated, multi-step process.  Therefore please stay with me until I tell you that your system is clean.  
     
  • Please do not make any system or program changes, or run any tools unless I specifically ask you to.  Attempting malware removal or clean-up yourself will only extend the time it will take to get your system clean.    If you get stuck or have questions, please stop and ask so I can help you.
     
  • Be sure to back up any personal data files you need to keep (documents, photos, etc.) to a USB flash drive or external hard disk.  While every attempt will be made to precisely repair the infections on your computer, due to the complexity and unpredictability of malware clean-up, there is always a risk of data loss.
     
  • When posting logs, please Copy & Paste the log file contents into a reply.  Use multiple posts if necessary, but please do not attach them or post them on a file hosting site, unless specifically asked to do so.

I need to consult with my colleagues about your case before we can begin, so please be patient.  I'll be back.  Thanks. :)

 


  • 0

#3
DanoNH


    Trusted Helper

  • Malware Removal
  • 2,155 posts

Hello tvbrux,
 

> It's important that I have a stable workstation, because we are going to deliver online interaction with our clients via our communication portals and IT can only be here in about one week, so if I can do anything myself, I'd be happy to.


We have an IT group at my employer who has policies in place that they alone are allowed to service or modify any company-owned computer equipment.

Will your IT staff care at all if unknown people work on your computer?


  • 0

#4
tvbrux


    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

> Hello tvbrux,
>
> > It's important that I have a stable workstation, because we are going to deliver online interaction with our clients via our communication portals and IT can only be here in about one week, so if I can do anything myself, I'd be happy to.
>
> We have an IT group at my employer who has policies in place that they alone are allowed to service or modify any company-owned computer equipment.
>
> Will your IT staff care at all if unknown people work on your computer?

 

Thanks for your response!

 

Well, we're a small company and we're not up and running yet, so it's not on their radar, yet. In August there will be performance tests and stability tests. However, I'm currently beta testing with our software and can be a lot more productive with a stable and faster system, of course.


  • 0

#5
DanoNH


    Trusted Helper

  • Malware Removal
  • 2,155 posts

Hi tvbrux,

 

Apologies for any confusion here, but please answer my question, yes or no:  Will your IT staff care at all if unknown people work on your computer and run programs on it? 

 

(Usually this is related to who owns and is responsible for the computer equipment and its support and maintenance.)

 

 


  • 0

#6
tvbrux


    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

> Hi tvbrux,
>
> Apologies for any confusion here, but please answer my question, yes or no:  Will your IT staff care at all if unknown people work on your computer and run programs on it?
>
> (Usually this is related to who owns and is responsible for the computer equipment and its support and maintenance.)

 

 

 

Ah sorry, now I see what you mean.

 

Then: Yes. 


  • 0

#7
DanoNH


    Trusted Helper

  • Malware Removal
  • 2,155 posts

Hello tvbrux,

 

Thank you for your honesty.  Unfortunately, according to the geekstogo.com Terms of Use, by which all here (myself included) must abide, we will be unable to provide assistance with the system. 

 

I do sincerely apologize for this.

 

Dan


  • 0

#8
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0





