windows 7 is sloom

[john ross]

Hallo allen,

heb hier een HP laptop met i3 cpu, 4gb ram en gewone hd(geen ssd) ,win7 home premium

win7 staat er een jaar of 4 op en werkt heel traag. De laptop is van een studente geneeskunde en wordt uitsluitend gebruikt voor haar studies.
M.a.w. er word bijna geen rotzooiprogjes op gegooid.

Ik heb een clean gedaan met ccleaner, MBAM , superantispyware, jrt.exe ,volledige virusscan(AVG) en
vervolgens defragmentatie, schijfopruiming ,sfc/scanow ,alle drivers geupdate.

Er is wel een beetje rotzooi uitgekomen maar niet omzeggens zware bedreigingen.

het opstarten gebeurt nog traag en multitasken is ook een probleem dus overweeg ik een nieuwe install maar
het kan toch niet zijn dat er geen oplossing bestaat om dit probleem op te lossen aangezien er nooit gerotzooit geweest is met deze laptop of
is windows gewoon zo'n rotzooi?


wie weet er een oplossing?


Mvg. Jan


P.S. de map winsxs is gigantisch groot en mag/kan die verwijderd worden?

 

[dorado]

Download

Farbar Recovery Scan Tool naar je Bureaublad van de onderstaande link.
Farbar Recovery Scan Tool 32 bit of Farbar Recovery Scan Tool 64 bit (x64)

• Dubbelklik op FRST.exe om de tool te starten.
• Als het programma is geopend klik Yes (Ja) bij de disclaimer.
• Vink bij Whitelist Registry, Serives, Drivers, Processes, knownDLLs & Internet niets uit.
• Vink bij Optional Scan ook List BCD, Drivers MD5 & Addition.txt aan.
• Druk op de Scan knop.
• Er worden twee logbestanden aangemaakt worden(FRST.txt)+ (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
• Voeg deze logbestanden toe in je volgende bericht.

 

[john ross]

hallo, bedankt voor de moeite.

hier zijn de logs:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-01-2015 01
Ran by lieselot at 2015-02-01 02:14:59
Running from G:\Nieuwe map
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
3M Products Update version 2011-11 for Microsoft Office 2010 (HKLM-x32\...\{605540BB-36B3-49F0-96D8-B760CBD6E0E8}_is1) (Version:  - 3M Company)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Albelli.be Fotoboeken (HKU\S-1-5-21-2088784276-3429463049-950978949-1001\...\{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1) (Version:  - Albelli)
ATI Catalyst Install Manager (HKLM\...\{C9083B9D-9092-FF22-DDCC-9776E69BE816}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Belgium e-ID middleware 4.0.4 (build 7251) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207251}) (Version: 4.0.7251 - Belgian Government)
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
ccc-core-static (x32 Version: 2010.0302.2233.40412 - Uw bedrijfsnaam) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.4.0.25 - Citrix Systems, Inc.)
Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.1.0.13230 - Sony Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2527 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.3810 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dream Chronicles (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Gem Shop (x32 Version: 2.2.0.82 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{F10EED3C-A1D4-4F2E-AEA7-FA901C0A2396}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0211 (HKLM-x32\...\{F37935A0-AFC8-47F9-8B7D-D09E88FCA0B8}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{B7722D22-167A-4598-B666-0A4ADCCDE82B}) (Version: 4.0.4.2 - Hewlett-Packard)
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest II (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KBC-beveiligingscomponenten (HKLM-x32\...\{ACE6A1FF-89E2-4E43-8C56-5968B46A7C7E}) (Version: 6.27.0004 - KBC Groep NV)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2515 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Mahjongg Artifacts (x32 Version: 2.2.0.82 - WildTangent) Hidden
Malwarebytes Anti-Malware versie 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Dutch/Nederlands (HKLM-x32\...\Office14.OMUI.nl-nl) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0413-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2088784276-3429463049-950978949-1001\...\SkyDriveSetup.exe) (Version: 17.0.2006.0314 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MusicStation (HKLM-x32\...\{E74E7F63-E70F-43f2-873F-35FB66F263B2}) (Version: 2.0.5.71 - Omnifone)
Mystery P.I. - The Vegas Heist (x32 Version: 2.2.0.82 - WildTangent) Hidden
Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3715 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3715 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2514 - CyberLink Corp.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Rapport (x32 Version: 3.5.1404.61 - Trusteer) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6066 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2512 - CyberLink Corp.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.1.13103.22 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.1.13103.22 - Samsung Electronics Co., Ltd.) Hidden
Self-service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{2ABAC676-CF18-432C-B4B2-54F12AD59929}) (Version:  - Microsoft)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
SmartDraw 2013 (HKLM-x32\...\SmartDraw 2013) (Version:  - SmartDraw, LLC)
Stuurprogrammapakket voor Windows - Fedict SmartCard  (10/04/2011 4.0.0.5) (HKLM\...\3FE3642036A0F4AEC17772437CE14BB1E67006AA) (Version: 10/04/2011 4.0.0.5 - Fedict)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
Trusteer Eindpuntbeveiliging (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.61 - Trusteer)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.82 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Mobile Apparaatcentrum (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.21 bèta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.1 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
Zuma Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2088784276-3429463049-950978949-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-2088784276-3429463049-950978949-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\lieselot\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2088784276-3429463049-950978949-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\lieselot\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2088784276-3429463049-950978949-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\lieselot\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2088784276-3429463049-950978949-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\lieselot\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2088784276-3429463049-950978949-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\lieselot\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

05-12-2014 16:44:50 Windows Back-up
09-12-2014 01:38:23 Installed Samsung Kies3
15-12-2014 20:10:10 Windows Update
19-12-2014 11:03:25 Windows Update
22-12-2014 20:13:21 Windows Update
11-01-2015 13:02:43 Windows Update
21-01-2015 12:08:52 Windows Update
21-01-2015 21:13:41 Windows Update
22-01-2015 14:17:06 Windows Update
30-01-2015 10:20:59 Installed KBC-beveiligingscomponenten.
30-01-2015 10:23:44 Installed Rapport
31-01-2015 07:19:07 Installed 3DMark03

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {28B53A6C-A806-4BB7-8706-BD4D37A34256} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {2E5C3ED1-3A57-44C1-AD38-5E020DAA2EE2} - System32\Tasks\{4175FAFC-26BD-4E0D-A607-E5FB343C668D} => G:\++++portable++++\UltimateDefrag_2008_v2.0.0.47_www.softarchive.net.exe
Task: {2F064047-0C70-43F3-9E7D-EEFED975605B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2088784276-3429463049-950978949-1001UA => C:\Users\lieselot\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-11] (Facebook Inc.)
Task: {40B7B767-C308-42D4-B361-1702FCADDCC9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {40F0A4BC-8D64-4A30-9F4E-8157FF263102} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-30] (Adobe Systems Incorporated)
Task: {498D1AFA-8B5B-4C5B-9F7A-AC18F0EFC68B} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-23] ()
Task: {49CBF0C7-CF3B-432F-8357-39F554A7678D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {5B1514AB-C277-446A-AA2A-EFFAD91C4A19} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {63DE8D5C-851D-4CA5-AAB5-2E021E53725B} - System32\Tasks\{6EFACE2A-63B3-4724-B741-2830839C6CC3} => C:\Users\lieselot\Downloads\flashplayer11_b1_uninstall_win_64_071311.exe
Task: {6BF85679-048E-497E-BAD5-6936EF21D767} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.)
Task: {7B4C796F-C24C-4285-96CC-484D7958A624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-12-16] (Microsoft)
Task: {8D54FA34-E528-43FE-844D-D1B73C7E9938} - System32\Tasks\SDMsgUpdate (TE) => C:\Program Files (x86)\SmartDraw 2013\Messages\SDNotify.exe [2012-08-13] ()
Task: {A193A2FC-4098-40F2-90E6-9BFBE6ACAD2C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {BD296009-4740-4863-B648-36C507886875} - System32\Tasks\{E370AA54-ED85-4CF6-8F48-A597A7EE81C4} => pcalua.exe -a G:\++++portable++++\UltimateDefrag_2008_v2.0.0.47_www.softarchive.net.exe -d G:\++++portable++++
Task: {BF710757-1DCF-4C91-9022-1CE93BA00A57} - System32\Tasks\AVG-Secure-Search-Update_0814tb_rmv => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe
Task: {C7C8DB2E-9E29-4D38-AA65-10DB61343390} - System32\Tasks\{DFFAE0C3-02BE-4AF8-9B2A-EE7B2801A18D} => G:\++++portable++++\UltimateDefrag_2008_v2.0.0.47_www.softarchive.net.exe
Task: {D0C4F86E-9E4D-4E08-AAAB-62DB176DDCA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-29] (Google Inc.)
Task: {D9E85211-87B1-4BA1-A06E-F186202B83D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {DB407B97-7923-4BF6-8491-186D7876CD27} - System32\Tasks\AVG-Secure-Search-Update_0814tb_rel => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe
Task: {DC6ECD38-34CF-47E6-A450-353E8B7CF7DF} - System32\Tasks\{032D9DB3-E3F3-4EE6-9521-6BD869F95308} => pcalua.exe -a "G:\++++portable++++\your uninstaller\P. Your Uninstaller! 2008 Pro by yd.exe" -d "G:\++++portable++++\your uninstaller"
Task: {E190DD97-6419-426B-BB96-C8D0C1216EA0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2088784276-3429463049-950978949-1001Core => C:\Users\lieselot\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-11] (Facebook Inc.)
Task: {E9B44852-A386-4DB2-BACA-D324F6208B88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {FFCEFB14-DE92-41E5-9DD9-25449E61753C} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-23] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2088784276-3429463049-950978949-1001Core.job => C:\Users\lieselot\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2088784276-3429463049-950978949-1001UA.job => C:\Users\lieselot\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SDMsgUpdate (TE).job => C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe

==================== Loaded Modules (whitelisted) =============

2012-11-10 14:48 - 2012-08-13 16:18 - 00462848 _____ () C:\Program Files (x86)\SmartDraw 2013\Messages\SDNotify.exe
2009-10-22 11:51 - 2009-10-22 11:51 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-23 13:22 - 2010-08-23 13:22 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-01-27 13:01 - 2010-01-27 13:01 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-01-27 13:01 - 2010-01-27 13:01 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-01-27 13:01 - 2010-01-27 13:01 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:B3D74A13

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^lieselot^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: MSN Toolbar => "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\mswinext.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2088784276-3429463049-950978949-500 - Administrator - Disabled)
Gast (S-1-5-21-2088784276-3429463049-950978949-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2088784276-3429463049-950978949-1002 - Limited - Enabled)
lieselot (S-1-5-21-2088784276-3429463049-950978949-1001 - Administrator - Enabled) => C:\Users\lieselot

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (02/01/2015 02:07:06 AM) (Source: SCardSvr) (EventID: 602) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.

Error: (01/31/2015 04:54:31 PM) (Source: SCardSvr) (EventID: 602) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.

Error: (01/31/2015 04:45:29 PM) (Source: SCardSvr) (EventID: 602) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.

Error: (01/31/2015 04:03:42 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)
Description: Kan CBS-client niet initialiseren. Laatste fout: 0x80080005

Error: (01/31/2015 04:03:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (01/31/2015 04:00:43 PM) (Source: SCardSvr) (EventID: 602) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.

Error: (01/31/2015 03:58:03 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 42%
Total physical RAM: 3893.86 MB
Available physical RAM: 2243.78 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 5908.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:449.2 GB) (Free:351.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.26 GB) (Free:2.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: (WIN7 SP1 HOME PREMIUM 32BIT NL) (Fixed) (Total:14.91 GB) (Free:7.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A1C1C0D1)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 00069819)
Partition 1: (Active) - (Size=14.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================































Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-01-2015 01
Ran by lieselot (administrator) on LIESELOTPC on 01-02-2015 02:14:17
Running from G:\Nieuwe map
Loaded Profiles: lieselot (Available profiles: lieselot)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
() C:\Program Files (x86)\SmartDraw 2013\Messages\SDNotify.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Isabel SA/NV) C:\Program Files (x86)\Common Files\Isabel\isa_kbc_certupdate.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-12] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-13] (Realtek Semiconductor)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_31\bin\jusched.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [423200 2009-01-23] (Sony Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [IsaKbcCertUpdate] => C:\Program Files (x86)\Common Files\Isabel\isa_kbc_certupdate.exe [1085976 2013-10-22] (Isabel SA/NV)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2088784276-3429463049-950978949-1001\...\Run: [Facebook Update] => C:\Users\lieselot\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-11] (Facebook Inc.)
HKU\S-1-5-21-2088784276-3429463049-950978949-1001\...\RunOnce: [Uninstall C:\Users\lieselot\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lieselot\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_2\amd64"
HKU\S-1-5-21-2088784276-3429463049-950978949-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2088784276-3429463049-950978949-1001\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [256568 2012-12-14] (Citrix Systems, Inc.)
SecurityProviders: credssp.dll, schannel.dll

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2088784276-3429463049-950978949-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://g.uk.msn.com/HPCON/2[/url]
URLSearchHook: HKU\S-1-5-21-2088784276-3429463049-950978949-1001 - (No Name) - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - No File
SearchScopes: HKLM-x32 -> {EDF59632-0F57-4DCD-A36C-63DC08E0ACFC} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2088784276-3429463049-950978949-1001 -> {EDF59632-0F57-4DCD-A36C-63DC08E0ACFC} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Aanmeldhulp voor Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-2088784276-3429463049-950978949-1001 -> No Name - {3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} -  No File
DPF: HKLM {CB50428B-657F-47DF-9B32-671F82AA73F7} [url]http://www.photodex.com/pxplay.cab[/url]
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} [url]http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab[/url]
DPF: HKLM-x32 {0972B098-DEE9-4279-AC7E-4BAAA029102D} [url]http://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20120404052537[/url]
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} [url]http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab[/url]
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-05-17] (EasyBits Software Corp.)
ShellExecuteHooks-x32:  - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 195.130.130.133 195.130.131.133

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2088784276-3429463049-950978949-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\lieselot\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2088784276-3429463049-950978949-1001: facebook.com/fbDesktopPlugin -> C:\Users\lieselot\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Extension: eID België - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2013-03-01]
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

Chrome: 
=======
CHR Profile: C:\Users\lieselot\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\lieselot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2015-01-31] (SUPERAntiSpyware.com)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 A38CCID; C:\Windows\System32\DRIVERS\a38ccid.sys [62976 2014-11-13] (Advanced Card Systems Ltd.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-14] (AVG Technologies)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [177920 2011-09-06] (HID Global Corporation)
R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys [845464 2015-01-30] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445816 2014-12-22] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [535576 2014-12-22] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [558872 2014-12-22] (IBM Corp.)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SAS***IL; C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 cpuz130; \??\C:\Users\lieselot\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\a38ccid.sys 35E0CBFE5E04248CDD8B7222FF6C71C6
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\System32\DRIVERS\agrsm64.sys 98022774D9930ECBB292E70DB7601DF6
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atipmdag.sys D1D06810BF7E21F5763EB06CB7E7262B
C:\Windows\System32\DRIVERS\atikmpag.sys 6BA71D6616B56816E57394D77DD1BB6F
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtiHdmi.sys 77C149E6D702737B2E372DEE166FAEF8
C:\Windows\System32\DRIVERS\avgdiska.sys CDE60914D4ED81291F0CCFDB2CA311B9
C:\Windows\System32\DRIVERS\avgidsdrivera.sys E7E1A0AB30587BF3734A2EC66BBCE743
C:\Windows\System32\DRIVERS\avgidsha.sys B0E4A1F342A3F8B75C4A4ADB044761C9
C:\Windows\System32\DRIVERS\avgldx64.sys 5980222218A0773E2994E524E5BA2464
C:\Windows\System32\DRIVERS\avgloga.sys 197F28711B4B71E6575E5298CCEDC737
C:\Windows\System32\DRIVERS\avgmfx64.sys 53C79A07776F930EADB92F2A8DE17D81
C:\Windows\System32\DRIVERS\avgrkx64.sys C4F9056928B26BCAF15872E46B29184F
C:\Windows\System32\DRIVERS\avgtdia.sys 367185B24132230843EF53B07305720D
C:\Windows\system32\drivers\avgtpx64.sys 68430AD3FB0FADBFA5D1677617D1E1F5
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 810BE94A9E42309B3F74217AC28BC6AC
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ctxusbm.sys C20E2A7A29F06A69C40E949255257B01
C:\Windows\System32\DRIVERS\cxbu0x64.sys BD99D714062029904E11E3BCC32D1E35
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys BE7D72FCF442C26975942007E0831241
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 90AFAB2B5962B1CD5BB23320675D6174
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Impcd.sys 4B6363CD4610BB848531BB260B15DFCC
C:\Windows\System32\drivers\RTKVHD64.sys E76FDFFF07F8A2FA81FF250DDA0F6BBA
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdpmd64.sys 90AFAB2B5962B1CD5BB23320675D6174
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 41774FF331F609EF442B7398EE6202B1
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys 898A05859D60BFCDF332139E2323EDBE
C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys 22FD13465C2AE76DE4D78157F01A4B5E
C:\Windows\System32\Drivers\RapportKE64.sys C1E0A0D5C58E2B8FEEA078B61B333267
C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys 9A800ADA67F2CA1D8D99087CA28E32BA
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys 483DF0B58CA532E5240E59DC41F30AA2
C:\Windows\SysWOW64\Drivers\RtsUStor.sys 483DF0B58CA532E5240E59DC41F30AA2
C:\Windows\System32\DRIVERS\Rt64win7.sys 777FC2C418465404E3D8A290DC247D24
C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 3289766038DB2CB14D07DC84392138D5
C:\Program Files\SUPERAntiSpyware\SAS***IL64.SYS 58A38E75F3316A83C23DF6173D41F2B5
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys CE9B5A79AEE330BC7E88C0441E5727BB
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\system32\drivers\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 02:09 - 2015-02-01 02:14 - 00000000 ____D () C:\FRST
2015-01-31 15:51 - 2015-01-31 15:51 - 00023715 _____ () C:\Users\lieselot\Desktop\JRT.txt
2015-01-31 15:38 - 2015-01-31 15:38 - 01707939 _____ (Thisisu) C:\Users\lieselot\Desktop\JRT (1).exe
2015-01-31 15:38 - 2015-01-31 15:38 - 00000000 ____D () C:\Windows\ERUNT
2015-01-31 15:37 - 2015-01-31 15:37 - 01707939 _____ (Thisisu) C:\Users\lieselot\Downloads\JRT.exe
2015-01-31 15:32 - 2015-01-31 15:32 - 00003244 _____ () C:\Windows\System32\Tasks\{032D9DB3-E3F3-4EE6-9521-6BD869F95308}
2015-01-31 15:23 - 2015-01-31 15:23 - 00000000 ____D () C:\Users\lieselot\Desktop\0001-6305_Vista_Win7_PG537
2015-01-31 15:22 - 2015-01-31 15:22 - 00000000 ____D () C:\Users\lieselot\AppData\Roaming\WinRAR
2015-01-31 14:06 - 2015-01-31 14:07 - 90844984 _____ (AVG Technologies) C:\Users\lieselot\Downloads\avg_tuh_stf_all_2015_238_24c28.exe
2015-01-31 07:37 - 2015-01-31 07:37 - 00000000 ____D () C:\Users\lieselot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-31 07:37 - 2015-01-31 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-31 07:37 - 2015-01-31 07:37 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-31 07:36 - 2015-01-31 07:37 - 02319600 _____ () C:\Users\lieselot\Downloads\winrar-x64-521b1nl.exe
2015-01-31 07:33 - 2015-01-31 07:33 - 00001950 _____ () C:\Users\lieselot\Desktop\Magic Desktop.lnk
2015-01-31 07:23 - 2015-01-31 07:23 - 00002052 _____ () C:\Users\Public\Desktop\3DMark03.lnk
2015-01-31 07:21 - 2015-01-31 07:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2015-01-31 07:21 - 2015-01-31 07:21 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2015-01-31 07:15 - 2015-01-31 07:15 - 00000000 ____D () C:\Users\lieselot\Desktop\Nieuwe map
2015-01-31 07:13 - 2015-01-29 21:21 - 190661344 _____ (Acresso Software Inc.) C:\Users\lieselot\Desktop\3DMark03_v360_1901-[Guru3D.com].exe
2015-01-31 07:10 - 2015-01-31 07:01 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-31 07:10 - 2015-01-31 07:01 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-31 07:10 - 2015-01-31 07:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-31 07:08 - 2015-01-31 07:05 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-31 06:47 - 2015-02-01 02:07 - 00000672 _____ () C:\Windows\setupact.log
2015-01-31 06:47 - 2015-01-31 06:47 - 00000572 _____ () C:\Windows\PFRO.log
2015-01-31 06:47 - 2015-01-31 06:47 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-31 06:42 - 2015-01-31 06:45 - 00000000 ____D () C:\AdwCleaner
2015-01-31 06:32 - 2015-01-31 06:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 06:31 - 2015-01-31 06:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-31 06:31 - 2015-01-31 06:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-31 06:31 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-31 06:31 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-31 06:25 - 2015-01-31 06:26 - 05325208 _____ (Piriform Ltd) C:\Users\lieselot\Downloads\ccsetup502 (1).exe
2015-01-31 06:25 - 2015-01-31 06:25 - 05325208 _____ (Piriform Ltd) C:\Users\lieselot\Downloads\ccsetup502.exe
2015-01-31 00:59 - 2015-01-31 00:59 - 00003544 ____N () C:\bootsqm.dat
2015-01-30 22:33 - 2015-01-30 22:33 - 00003022 _____ () C:\Windows\System32\Tasks\{4175FAFC-26BD-4E0D-A607-E5FB343C668D}
2015-01-30 22:32 - 2015-01-30 22:32 - 00003022 _____ () C:\Windows\System32\Tasks\{DFFAE0C3-02BE-4AF8-9B2A-EE7B2801A18D}
2015-01-30 22:31 - 2015-01-30 22:31 - 00003196 _____ () C:\Windows\System32\Tasks\{E370AA54-ED85-4CF6-8F48-A597A7EE81C4}
2015-01-30 22:29 - 2015-01-30 22:30 - 00000079 _____ () C:\Users\lieselot\AppData\Local\CrystalDiskMark30.ini
2015-01-30 10:40 - 2015-01-30 10:40 - 00000000 ____D () C:\Users\lieselot\AppData\Roaming\Isabel Services
2015-01-30 10:36 - 2015-01-30 10:37 - 61253792 _____ (Microsoft Corporation) C:\Users\lieselot\Downloads\EIE11_NL-NL_WOL_WIN764.EXE
2015-01-30 10:25 - 2014-12-22 17:52 - 00535576 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2015-01-30 10:24 - 2015-01-30 10:24 - 00000000 ____D () C:\Users\lieselot\AppData\Local\Trusteer
2015-01-30 10:24 - 2015-01-30 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging
2015-01-30 10:24 - 2015-01-30 10:24 - 00000000 ____D () C:\Program Files (x86)\Trusteer
2015-01-30 10:23 - 2015-01-30 10:23 - 00000000 ____D () C:\ProgramData\Trusteer
2015-01-30 10:22 - 2015-01-30 10:22 - 00002092 _____ () C:\Users\Public\Desktop\KBC-Online for Business.lnk
2015-01-30 10:22 - 2015-01-30 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KBC-Online for Business
2015-01-30 10:20 - 2015-01-30 10:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2015-01-30 10:06 - 2015-01-30 10:22 - 00000000 ____D () C:\ProgramData\Isabel Services
2015-01-21 21:13 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-21 21:13 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-21 21:13 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-21 21:13 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-21 21:13 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-21 21:13 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-21 21:13 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-21 21:13 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-21 21:13 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-21 21:13 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-21 21:13 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-21 21:13 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-21 21:13 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-21 12:01 - 2015-01-21 12:01 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-11 12:56 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-11 12:56 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 02:11 - 2010-05-17 18:36 - 00746014 _____ () C:\Windows\system32\perfh013.dat
2015-02-01 02:11 - 2010-05-17 18:36 - 00153934 _____ () C:\Windows\system32\perfc013.dat
2015-02-01 02:11 - 2009-07-14 06:13 - 01671836 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-01 02:10 - 2013-06-22 05:57 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-01 02:09 - 2010-08-23 13:15 - 02010097 _____ () C:\Windows\WindowsUpdate.log
2015-02-01 02:07 - 2014-09-03 19:08 - 00000376 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job
2015-02-01 02:07 - 2014-09-03 19:08 - 00000376 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job
2015-02-01 02:07 - 2013-06-23 04:13 - 00000270 _____ () C:\Windows\Tasks\AutoKMS.job
2015-02-01 02:07 - 2012-11-29 16:45 - 00001052 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-01 02:07 - 2012-11-10 14:49 - 00000478 _____ () C:\Windows\Tasks\SDMsgUpdate (TE).job
2015-02-01 02:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-31 16:58 - 2012-06-28 13:51 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2088784276-3429463049-950978949-1001UA.job
2015-01-31 16:58 - 2009-07-14 05:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-31 16:58 - 2009-07-14 05:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-31 16:29 - 2012-11-29 16:45 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-31 15:30 - 2013-06-22 07:45 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-31 15:01 - 2011-01-09 20:41 - 00000000 ____D () C:\Users\lieselot\AppData\Roaming\vlc
2015-01-31 15:00 - 2012-10-12 21:04 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-31 07:34 - 2010-05-17 11:00 - 00000000 ____D () C:\Program Files (x86)\EasyBits For Kids
2015-01-31 07:24 - 2013-10-04 15:07 - 00000000 ____D () C:\Users\lieselot\AppData\Local\WinZip
2015-01-31 07:22 - 2010-05-17 09:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-31 07:18 - 2013-06-22 06:58 - 00000000 ____D () C:\Windows\pss
2015-01-31 07:11 - 2014-03-27 12:07 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-31 07:10 - 2014-03-27 10:30 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-31 07:09 - 2010-05-17 11:12 - 00000000 ____D () C:\Program Files\Java
2015-01-31 07:05 - 2010-05-17 11:12 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-31 07:05 - 2010-05-17 11:12 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-31 07:05 - 2010-05-17 11:12 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-31 07:01 - 2014-03-27 10:30 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-31 06:54 - 2013-06-23 17:11 - 00000000 ____D () C:\Users\lieselot\Desktop\jan
2015-01-31 06:31 - 2013-06-22 07:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-01-31 06:31 - 2012-02-03 21:09 - 00000000 ____D () C:\Users\lieselot\AppData\Roaming\Malwarebytes
2015-01-31 06:31 - 2012-02-03 21:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-31 06:26 - 2012-02-03 21:13 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-30 22:42 - 2011-12-29 20:39 - 00000000 ____D () C:\Windows\Minidump
2015-01-30 22:42 - 2009-09-07 02:57 - 00000000 ____D () C:\Windows\Panther
2015-01-30 22:34 - 2010-05-17 09:52 - 00000000 ____D () C:\ProgramData\Temp
2015-01-30 22:24 - 2012-06-28 13:51 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2088784276-3429463049-950978949-1001Core.job
2015-01-30 10:01 - 2012-10-12 21:04 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-30 10:00 - 2012-10-12 21:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 10:00 - 2011-10-24 11:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-28 20:43 - 2011-01-06 14:33 - 00000000 ____D () C:\Users\lieselot\AppData\Roaming\HpUpdate
2015-01-28 11:04 - 2012-12-03 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-22 14:25 - 2014-04-01 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-22 14:25 - 2013-10-11 19:17 - 00000975 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2015-01-21 21:14 - 2013-08-19 15:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 21:14 - 2012-02-03 22:57 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-21 21:08 - 2012-07-24 17:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-21 21:08 - 2011-01-14 20:55 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-21 12:12 - 2011-01-18 09:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-21 12:01 - 2014-05-07 17:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-21 12:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat

==================== Files in the root of some directories =======

2011-05-03 10:57 - 2011-11-23 14:29 - 0001854 _____ () C:\Users\lieselot\AppData\Roaming\GhostObjGAFix.xml
2015-01-30 22:29 - 2015-01-30 22:30 - 0000079 _____ () C:\Users\lieselot\AppData\Local\CrystalDiskMark30.ini
2011-12-01 21:04 - 2013-06-22 20:06 - 0007615 _____ () C:\Users\lieselot\AppData\Local\Resmon.ResmonCfg
2011-01-09 20:54 - 2011-01-09 20:54 - 0000003 _____ () C:\ProgramData\MusicStation.log
2011-01-09 20:50 - 2011-01-09 20:50 - 0000243 _____ () C:\ProgramData\MusicStation.xml
2010-08-23 13:29 - 2010-08-23 13:29 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-05-17 10:50 - 2010-05-17 10:50 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-08-23 13:28 - 2010-08-23 13:28 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-05-17 10:46 - 2010-05-17 10:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-08-23 13:28 - 2010-08-23 13:28 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-08-23 13:28 - 2010-08-23 13:28 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-05-17 10:45 - 2010-05-17 10:46 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-05-17 10:46 - 2010-05-17 10:50 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-08-23 13:29 - 2010-08-23 13:29 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some content of TEMP:
====================
C:\Users\lieselot\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\lieselot\AppData\Local\Temp\Quarantine.exe
C:\Users\lieselot\AppData\Local\Temp\SAS6_Update.exe
C:\Users\lieselot\AppData\Local\Temp\sqlite3.dll
C:\Users\lieselot\AppData\Local\Temp\Step2.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows-opstartbeheer
---------------------
id                      {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  nl-NL
inherit                 {globalsettings}
extendedinput           Yes
default                 {current}
resumeobject            {c279be75-9b51-11de-9b93-a29d207e6d0e}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
customactions           0x1000085000001
                        0x5400000f
custom:5400000f         {51505d4f-af02-11df-8c2b-dbcde293f4c5}

Windows-opstartlaadprogramma
----------------------------
id                      {51505d4f-af02-11df-8c2b-dbcde293f4c5}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{51505d50-af02-11df-8c2b-dbcde293f4c5}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{51505d50-af02-11df-8c2b-dbcde293f4c5}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-opstartlaadprogramma
----------------------------
id                      {572bcd60-ffa7-11d9-aae0-0007e994107d}
device                  ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path                    \windows\system32\boot\winload.exe
description             Microsoft Windows PE 2.0 
osdevice                ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot              \windows
detecthal               Yes
winpe                   Yes
ems                     Yes

Windows-opstartlaadprogramma
----------------------------
id                      {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  nl-NL
inherit                 {bootloadersettings}
recoverysequence        {51505d4f-af02-11df-8c2b-dbcde293f4c5}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {c279be75-9b51-11de-9b93-a29d207e6d0e}
nx                      OptIn
numproc                 4
usefirmwarepcisettings  No

Hervatten uit sluimerstand
--------------------------
id                      {c279be75-9b51-11de-9b93-a29d207e6d0e}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  nl-NL
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-geheugentest
--------------------
id                      {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  nl-NL
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-instellingen
----------------
id                      {emssettings}
bootems                 Yes

Debugger-instellingen
---------------------
id                      {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-defecten
------------
id                      {badmemory}

Globale instellingen
--------------------
id                      {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Instellingen voor opstartlaadprogramma
--------------------------------------
id                      {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor-instellingen
-------------------
id                      {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Instellingen voor hervattingslaadprogramma
------------------------------------------
id                      {resumeloadersettings}
inherit                 {globalsettings}

Apparaatopties
--------------
id                      {51505d50-af02-11df-8c2b-dbcde293f4c5}
description             Ramdisk Options
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Opties voor installatie-RAM-schijf
----------------------------------
id                      {ramdiskoptions}
description             Ramdisk Options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi



LastRegBack: 2014-10-27 11:58

====================

End Of Log ============================

 

[dorado]

Er staat wel heel veel op, maar idd geen rotzooi. Daarom nog eens verder kijken:

Download de MiniToolBox bij voorkeur naar het bureaublad.

• Dubbelklik op "MiniToolBox.exe" om te tool te starten.
• Let op!!! Windows Vista & 7 gebruikers dienen MiniToolBox.exe als administrator uit te voeren "Rechtermuisknop uitvoeren als",

• Vink vervolgens de onderstaande opties aan.
• List last 10 Event Viewer Content
• List Devices Only Problems
• List Users. Partitions and Memory Size
• List Minidump Files
• List Restore Points aan

• Klik vervolgens op de knop Go.
• Wanneer de tool gereed is wordt er een logbestand geopend, plaats deze als bijlage in je bericht inclusief de probleemomschrijving.
• Dit logbestand wordt tevens op de locatie als results.txt opgeslagen waar de MiniToolbox is uitgevoerd.

 

[john ross]

Ok Dorado,


probleem is dat de laptop traag werkt(opstart duurt lang, ook afsluiten) en eigenlijk op zn geheel niet vlot "draait".


hierbij de log van minitoolbox:

MiniToolBox by Farbar  Version: 30-11-2014
Ran by lieselot (administrator) on 01-02-2015 at 13:57:26
Running from "G:\Nieuwe map"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============
Error: (02/01/2015 01:42:13 PM) (Source: Service Control Manager) (User: )
Description: De AVGIDSAgent-service is gestopt met de specifieke servicefout %%-536753637.

Error: (02/01/2015 01:42:12 PM) (Source: SCardSvr) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.

Error: (02/01/2015 07:45:50 AM) (Source: DCOM) (User: )
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}

Error: (02/01/2015 07:43:53 AM) (Source: Service Control Manager) (User: )
Description: De AVGIDSAgent-service is gestopt met de specifieke servicefout %%-536753637.

Error: (02/01/2015 07:43:53 AM) (Source: SCardSvr) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.

Error: (02/01/2015 07:42:29 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2015 07:19:14 AM) (Source: Service Control Manager) (User: )
Description: De AVGIDSAgent-service is gestopt met de specifieke servicefout %%-536753637.

Error: (02/01/2015 07:19:13 AM) (Source: SCardSvr) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.

Error: (02/01/2015 06:09:46 AM) (Source: SCardSvr) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.

Error: (02/01/2015 02:07:06 AM) (Source: SCardSvr) (User: )
Description: Het systeem kan het opgegeven pad niet vinden.


Microsoft Office Sessions:
=========================

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 3893.86 MB
Available physical RAM: 2446.92 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 5813.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3985.12 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:449.2 GB) (Free:351 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:16.26 GB) (Free:2.34 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive g: (WIN7 SP1 HOME PREMIUM 32BIT NL) (Fixed) (Total:14.91 GB) (Free:7.08 GB) NTFS

========================= Users: ========================================

Gebruikersaccounts voor \\LIESELOTPC

Administrator            Gast                     lieselot                 
De opdracht is voltooid.

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

19-12-2014 10:03:25 Windows Update
22-12-2014 19:13:21 Windows Update
11-01-2015 12:02:43 Windows Update
21-01-2015 11:08:52 Windows Update
21-01-2015 20:13:41 Windows Update
22-01-2015 13:17:06 Windows Update
30-01-2015 09:20:59 Installed KBC-beveiligingscomponenten.
30-01-2015 09:23:44 Installed Rapport
31-01-2015 06:19:07 Installed 3DMark03
01-02-2015 06:12:10 Before uninstall AVG 2014
01-02-2015 06:12:52 Removed AVG 2014
01-02-2015 06:15:09 Before uninstall AVG 2014
01-02-2015 06:15:34 Removed AVG 2014
01-02-2015 06:20:49 avast! antivirus system restore point
01-02-2015 06:39:40 Before uninstall CrystalDiskInfo 5.6.2 Shizuku Edition
01-02-2015 06:41:14 Before uninstall 3DMark03
01-02-2015 06:41:46 Removed 3DMark03

****

End of log ****

 

[dorado]

1. Gebruik Schijfopruiming. Start ’ Alle Programma's ’ Bureau-accessoires ’ Systeemwerkset ’ Schijfopruiming. Klik op Ok. Vink:

• Gedownloade programmabestanden
• Tijdelijke internetbestanden
• Prullenbak
• Tijdelijke bestanden
• Miniaturen

aan. Klik op Ok.


2. Activeer het aantal processors.
Ga naar: Start >> Uitvoeren
Typ: msconfig + [Enter]
Ga naar tabblad Computer opstarten ’ klik op Geavanceerde opties
Kies hier het aantal processors. Dit kan een belangrijke snelheidsverbetering zijn.


3. Lees deze handleiding voor een schone pc.
Bekijk ook om je computer sneller te maken dit & dit artikel.
Traagheid kan ook komen door 1 zwaar AV-pakket zoals McAfee of Norton of zelfs allebei te zijn geïnstalleerd.


4. Stel de Windows Prestatie Index opnieuw samen. Combineer Windowstoets+Pause] ’klik Systeemverhouding is niet beschikbaar


5. Windows maakt gebruik van het ram-geheugen en wisselbestand om tijdelijke informatie weg te schrijven. Met een registeraanpassing zorg je ervoor dat de gegevens zo veel mogelijk in het ram-geheugen worden geplaatst en niet telkens naar het wisselbestand op de trage vaste schijf worden geschreven.
Open Kladblok. Klik op Start → Alle Programma's → Bureau-Accessoires → Kladblok.
Kopieer onderstaande code:

On Error Resume Next

Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.RegWrite "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\DisablePagingExecutive",1,"REG_DWORD"

Message = "Gegevens worden nu zoveel mogelijk in het RAM geheugen geplaatst!" & VbCrLf & "Om iets van deze wijzigingen te merken moet je herstarten!"

X = MsgBox(Message, vbInformation, "Geen virtueel geheugen gebruiken")
Set WshShell = NothingGa naar Bestand - Opslaan als.
Bij "Opslaan in" kies je: Bureaublad.
Bij "Bestandsnaam" zet je:disablevirtualmemory.vbs.
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan. Dubbelklik disablevirtualmemory.vbs
Bij deze tip is het belangrijk om voor jezelf uit te maken of er een snelheidsverbetering optreedt, Zo niet, dan herstel je de oorspronkelijk situatie.


6. Als de stuurprogramma's niet compatibel of verouderd zijn en in het bijzonder de chipset & video stuurprogramma's kunnen vertraging, bevriezing & blauwe schermen voorkomen.
De meest populaire stuurprogramma sites zijn:
CPU & Chipset drivers: AMD, Intel &; Via
Video stuurprogramma's: ATI, Intel &; Nvidia
Hier vind je een overzicht van computer en software leveranciers & hier van alle computermerken


7. Voer foutcontrole uit:

1. Open "Deze computer",
2. Rechtsklikken op de ''schijf'' waar ''Windows'' is geïnstalleerd. Meestal is dat de C-schijf. Dit is namelijk standaard ingesteld.
3. Kies "Eigenschappen",
4. Ga naar tabblad "Extra",
5. Klik op de knop "Nu controleren" (bij Foutcontrole),
6. Vink "Fouten in het bestandssysteem automatisch corrigeren" aan,
7. Vink "Beschadigde sectoren zoeken en repareren" aan,
8. Druk op "Starten",
9. Er komt een mededeling. Wilt u de schijf controleren de volgende keer dat de computer wordt opgestart?,
10. Klik op "Ja",
11. Herstart je pc,
12. Na het Windows laadscherm komt ''Foutcontrole'' in actie,
13. Als hij klaar is word je pc weer automatisch opnieuw opgestart.

8. Ga naar: Start >> Uitvoeren
Typ: msconfig + [Enter]
Ga naar tabblad Computer opstarten ’ waarna je 1-voor-1 alle processen inschakelt, opnieuw opstart en op die manier kan constateren wat de vertragende factor is....


9. Open de computer en blaas het stof dat in je computer zit weg.


10. Leeg met regelmaat de Windows Prefetchmap.
Telkens wanneer je de computer inschakelt, wordt in de Prefetchmap bijgehouden hoe de computer wordt opgestart en welke programma's je meestal opent. Deze kan echter vervuild raken door het deïnstalleren van programma's en daardoor juist vertragend werken.
Open Kladblok. Klik op Start → Alle Programma's → Bureau-Accessoires → Kladblok.
Kopieer onderstaande code:
Dim fso, startFolder, OlderThanDate

Set fso = CreateObject("Scripting.FileSystemObject")
startFolder = "c:\Windows\prefetch\" ' folder to start deleting (subfolders will also be cleaned)
OlderThanDate = DateAdd("d", -14, Date) ' 14 days (age of files and folders)

DeleteOldFiles startFolder, OlderThanDate

Function DeleteOldFiles(folderName, BeforeDate)
Dim folder, file, fileCollection, folderCollection, subFolder

Set folder = fso.GetFolder(folderName)
Set fileCollection = folder.Files
For Each file In fileCollection
If file.DateLastAccessed < BeforeDate Then
fso.DeleteFile(file.Path)
End If
Next

Set folderCollection = folder.SubFolders
For Each subFolder In folderCollection
DeleteOldFiles subFolder.Path, BeforeDate
Next
End Function

Ga naar Bestand - Opslaan als.
Bij "Opslaan in" kies je: Bureaublad.
Bij "Bestandsnaam" zet je:cleanprefetch.vbs.
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan. Dubbelklik cleanprefetch.vbs

Je kan bijvoorbeeld dit bv. standaard laten doen door het uitvoeren van een batchbestand op het bureaublad, waarna de computer wordt afgesloten.

Open Kladblok. Klik op Start → Alle Programma's → Bureau-Accessoires → Kladblok.
Kopieer onderstaande code:

runas /user:Administrator wscript "Pad naar het script\cleanprefetch.vbs" //e:vbscript
shutdown /f /t 00 /s

Ga naar Bestand - Opslaan als.
Bij "Opslaan in" kies je: Bureaublad.
Bij "Bestandsnaam" zet je:prefetch.bat.
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan. Rechtsk prefetch.bat → Als administrator uitvoeren

 

[john ross]

hallo,

schijfopruiming was reeds uitgevoerd, chddsk/f/r ook er waren geen problemen. Read/write speed getestmet crystraldiskmark...ok.


Aantal cpu's was reeds gewijzigd van1 naar 4... volgens www.google heeft dit geen enkele zin.

wegschrijven naar ram is uitgevoerd volgens uw beschrijving.

alle drivers zijn up-to-date

msconfig-opstarten gecheckt


laptop heb ik volledig gedemonteerd(enkele dagen terug) en er lag een "matje" stof op de koelrooster


volgens verschillende pc-sites levert het ledigen van de prefetch map geen enkele tijdswinst op... hooguit enkele milliseconden... toch uitgevoerd


Na dit alles draait hij nog altijd even traag en overweeg om een systeembackup op externe hd te plaatsen en effe proberen met een andere hd,eventueel een ssd.




gr. jan

 

[john ross]

Hallo,


probleem is opgelost: had hd en mem getest met verschillende progjes waaruit bleek dat er geen probleem was maar heb uiteindelijk
toch een andere hd erin gestopt en een image erop gezet.nadien draaide de laptop terug als een zonnetje.
zo zie je maar dat al die testprogrammaatjes eigenlijk amateuristische dingetjes zijn.



Gr. Jan