Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by transit (administrator) on TRANSIT-PC on 26-04-2015 22:59:55
Running from C:\Users\transit\Desktop\stappen\01 - scan analyse
Loaded Profiles: transit & UpdatusUser (Available profiles: transit & UpdatusUser & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\intelli-studio\iupdate.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\intelli-studio\iupdate.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\intelli-studio\iupdate.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\intelli-studio\iupdate.exe <====== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3839137701-2974941544-2065132041-1002\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1904520 2015-04-24] (TomTom)
HKU\S-1-5-21-3839137701-2974941544-2065132041-1002\...\RunOnce: [Uninstall C:\Users\transit\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\transit\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3839137701-2974941544-2065132041-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\...\Run: [Driver Whiz] => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\...\RunOnce: [HKCU] => C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs
HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\...\MountPoints2: {1767b950-20e8-11e1-ab1a-8c89a57d6dd6} - I:\iStudio.exe
HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-04-26]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll [2015-03-20] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll [2015-03-20] (Kaspersky Lab ZAO)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3839137701-2974941544-2065132041-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.be/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3839137701-2974941544-2065132041-1007 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\S-1-5-21-3839137701-2974941544-2065132041-1007 -> {2077B4E2-3ADF-4315-BC05-B46E93073FAA} URL =
SearchScopes: HKU\S-1-5-21-3839137701-2974941544-2065132041-1007 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3839137701-2974941544-2065132041-1007 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-3839137701-2974941544-2065132041-1007 -> {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL =
SearchScopes: HKU\S-1-5-21-3839137701-2974941544-2065132041-1007 -> {F47F85FE-AF0F-4C1F-8EB8-EFFDEAA53904} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-20] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-20] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-20] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-20] (Kaspersky Lab ZAO)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-20] (Kaspersky Lab ZAO)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-20] (Kaspersky Lab ZAO)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\
[email protected] [2015-03-20] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\
[email protected] [2015-03-20] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\
[email protected] [2015-03-20] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-08-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Extension: Belgium eID - C:\Program Files (x86)\Mozilla Firefox\extensions\
[email protected] [2013-05-31]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\
[email protected] [2015-03-20]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\
[email protected] [2015-03-20]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\
[email protected] [2015-03-20]
Chrome:
=======
CHR Profile: C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-24]
CHR Extension: (Google Docs) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-24]
CHR Extension: (Google Drive) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-24]
CHR Extension: (YouTube) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-24]
CHR Extension: (Google Search) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-24]
CHR Extension: (Google Sheets) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-24]
CHR Extension: (Bookmark Manager) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-24]
CHR Extension: (Google Wallet) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-24]
CHR Extension: (Gmail) - C:\Users\transit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-24]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S4 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2012-12-26] () [File not signed]
R2 EFS; C:\Windows\System32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) [File not signed]
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) [File not signed]
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-14] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2015-03-06] (Microsoft Corporation) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVFSFilter; No ImagePath
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 IntcAzAudAddService; No ImagePath
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-03-20] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-03-20] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S0 nvpciflt; No ImagePath
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [169992 2015-04-02] (Windows ® Win 7 DDK provider)
S3 PSVolAcc; C:\Windows\System32\Drivers\PSVolAcc.sys [12760 2014-07-21] (Paramount Software UK Ltd)
S3 cpuz134; \??\C:\Users\transit\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-26 22:59 - 2015-04-26 22:59 - 00001313 _____ () C:\Users\transit\Desktop\FRST64.exe - Snelkoppeling.lnk
2015-04-26 22:59 - 2015-04-26 22:59 - 00000000 ____D () C:\FRST
2015-04-26 22:19 - 2015-04-26 22:19 - 01528320 _____ () C:\Users\transit\Desktop\msxml6.msi
2015-04-26 21:43 - 2015-04-24 22:05 - 00671904 _____ (Sysinternals - www.sysinternals.com) C:\Users\transit\Desktop\autoruns.exe
2015-04-26 18:42 - 2015-04-26 18:42 - 00001541 _____ () C:\Users\transit\Desktop\Internet Explorer.lnk
2015-04-26 18:01 - 2015-04-26 18:01 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-04-26 18:01 - 2015-04-26 18:01 - 00000000 ____D () C:\Users\transit\AppData\Local\Secunia PSI
2015-04-26 18:01 - 2015-04-26 18:01 - 00000000 ____D () C:\Program Files (x86)\Secunia
2015-04-26 16:02 - 2015-04-26 16:02 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll
2015-04-26 16:02 - 2015-04-26 16:02 - 00001220 _____ () C:\Users\Public\Desktop\CryptoPrevent.lnk
2015-04-26 16:02 - 2015-04-26 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2015-04-26 16:02 - 2015-04-26 16:02 - 00000000 ____D () C:\ProgramData\Foolish IT
2015-04-26 16:02 - 2015-04-26 16:02 - 00000000 ____D () C:\Program Files (x86)\Foolish IT
2015-04-26 15:28 - 2015-04-26 15:28 - 00001234 _____ () C:\DelFix.txt
2015-04-26 15:28 - 2015-04-26 15:28 - 00000000 ____D () C:\Windows\ERUNT
2015-04-26 13:55 - 2015-04-26 13:55 - 00001405 _____ () C:\Users\transit\Desktop\Internet Explorer (64-bit).lnk
2015-04-24 22:05 - 2015-04-24 22:05 - 00671904 _____ (Sysinternals - www.sysinternals.com) C:\Users\transit\Downloads\autoruns.exe
2015-04-24 18:06 - 2015-04-24 18:06 - 23308656 _____ (TomTom International B.V.) C:\Users\transit\Downloads\InstallMyDriveConnect_4_0_1_2117.exe
2015-04-24 09:12 - 2015-04-24 09:12 - 11198509 _____ () C:\Windows\system32\boot_BASE+CSWITCH_1.cab
2015-04-24 09:12 - 2015-04-24 09:12 - 106954752 _____ () C:\Windows\system32\boot_BASE+CSWITCH_1.etl
2015-04-24 09:08 - 2015-04-24 09:08 - 105906176 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_6.etl
2015-04-24 09:08 - 2015-04-24 09:08 - 10552856 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_6.cab
2015-04-24 09:05 - 2015-04-24 09:05 - 09632989 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_5.cab
2015-04-24 09:04 - 2015-04-24 09:04 - 103809024 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_5.etl
2015-04-24 09:01 - 2015-04-24 09:01 - 102760448 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_4.etl
2015-04-24 09:01 - 2015-04-24 09:01 - 08106547 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_4.cab
2015-04-24 08:58 - 2015-04-24 08:58 - 06592173 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_3.cab
2015-04-24 08:57 - 2015-04-24 08:57 - 98566144 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_3.etl
2015-04-24 08:46 - 2015-04-24 08:46 - 99614720 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_2.etl
2015-04-24 08:46 - 2015-04-24 08:46 - 04939683 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_2.cab
2015-04-24 08:43 - 2015-04-24 08:43 - 03336576 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_1.cab
2015-04-24 08:42 - 2015-04-24 08:42 - 103809024 _____ () C:\Windows\system32\bootPrep_BASE+CSWITCH_1.etl
2015-04-24 08:38 - 2015-04-24 09:12 - 00013201 _____ () C:\Windows\system32\xbootmgr.log
2015-04-24 08:30 - 2015-04-24 08:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-04-24 08:30 - 2015-04-24 08:30 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2015-04-24 08:29 - 2015-04-24 08:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-24 08:24 - 2015-04-24 08:24 - 00991536 _____ (Microsoft Corporation) C:\Users\transit\Downloads\sdksetup.exe
2015-04-24 06:35 - 2015-04-26 22:40 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-24 06:35 - 2015-04-26 22:29 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-24 06:35 - 2015-04-24 06:35 - 00004054 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-24 06:35 - 2015-04-24 06:35 - 00003802 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-24 06:35 - 2015-04-24 06:35 - 00002283 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-24 06:35 - 2015-04-24 06:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-23 22:14 - 2015-04-23 22:14 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-04-23 22:09 - 2015-04-23 22:09 - 00000000 ____D () C:\Windows\Sun
2015-04-23 22:08 - 2015-04-23 22:08 - 00000000 ____D () C:\ProgramData\Sun
2015-04-22 21:23 - 2015-04-22 21:23 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-22 21:23 - 2015-04-22 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-22 14:08 - 2015-04-22 14:08 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-TRANSIT-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-22 12:11 - 2015-04-22 12:11 - 00000000 ____D () C:\Users\transit\Documents\Reflect
2015-04-22 12:06 - 2015-04-22 12:06 - 00002483 _____ () C:\Users\Public\Desktop\Reflect.lnk
2015-04-22 12:06 - 2015-04-22 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2015-04-22 12:06 - 2015-04-22 12:06 - 00000000 ____D () C:\Program Files\Macrium
2015-04-22 12:05 - 2015-04-22 12:06 - 00377892 _____ () C:\Reflect_Install.log
2015-04-22 12:03 - 2015-04-22 12:04 - 00000000 ____D () C:\Users\transit\Downloads\Macrium
2015-04-22 12:03 - 2015-04-22 12:04 - 00000000 ____D () C:\ProgramData\Macrium
2015-04-20 00:16 - 2015-03-10 02:31 - 17882112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-20 00:16 - 2015-03-10 02:19 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-20 00:16 - 2015-03-10 02:19 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-20 00:16 - 2015-03-10 02:18 - 10931200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-20 00:16 - 2015-03-10 02:14 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-20 00:16 - 2015-03-10 02:14 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-20 00:16 - 2015-03-10 02:13 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-20 00:16 - 2015-03-10 02:13 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-20 00:16 - 2015-03-10 02:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-20 00:16 - 2015-03-10 02:13 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-20 00:16 - 2015-03-10 02:13 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-20 00:16 - 2015-03-10 02:13 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-20 00:16 - 2015-03-10 02:13 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-20 00:16 - 2015-03-10 02:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-20 00:16 - 2015-03-10 02:12 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-20 00:16 - 2015-03-10 02:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-20 00:16 - 2015-03-10 02:12 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-20 00:16 - 2015-03-10 02:12 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-20 00:16 - 2015-03-10 02:12 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-20 00:16 - 2015-03-10 02:12 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-20 00:16 - 2015-03-10 02:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-20 00:16 - 2015-03-10 02:12 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-20 00:16 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-20 00:16 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-20 00:16 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-20 00:16 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-20 00:16 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-20 00:16 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-20 00:16 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-20 00:16 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-20 00:16 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-20 00:16 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-20 00:16 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-20 00:16 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-20 00:16 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-20 00:16 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-20 00:16 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-20 00:16 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-20 00:16 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-20 00:16 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-20 00:16 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-20 00:16 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-20 00:16 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-20 00:16 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-18 23:53 - 2015-04-26 18:25 - 00000000 ____D () C:\Users\transit\Desktop\stappen
2015-04-18 23:31 - 2015-04-18 23:31 - 00000000 ____D () C:\Users\transit\AppData\Local\TeamViewer
2015-04-18 23:30 - 2015-04-26 16:27 - 00000975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-18 15:04 - 2015-04-26 17:41 - 00000000 ____D () C:\Windows\pss
2015-04-18 11:42 - 2015-04-18 11:42 - 00001405 _____ () C:\Users\transit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-04-17 17:13 - 2015-04-22 19:21 - 00000008 __RSH () C:\Users\transit\ntuser.pol
2015-04-17 15:18 - 2015-04-17 15:18 - 00003030 _____ () C:\Windows\System32\Tasks\{50C37B14-2259-4BCD-B52E-783030EF8F71}
2015-04-17 15:16 - 2015-04-17 15:16 - 00003030 _____ () C:\Windows\System32\Tasks\{9514EDF2-1A91-4E9F-A395-CB65BC391C6E}
2015-04-17 15:11 - 2015-04-17 15:12 - 00009988 _____ () C:\Windows\iis7.log
2015-04-17 14:54 - 2015-04-17 14:54 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-16 22:30 - 2015-04-16 22:30 - 00000169 _____ () C:\Users\transit\Desktop\Google.url
2015-04-15 16:49 - 2015-04-15 16:50 - 00000000 ____D () C:\Program Files (x86)\Select Search
2015-04-15 16:24 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 16:24 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 16:24 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi(72).dll
2015-04-15 16:24 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 16:24 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 16:24 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 16:24 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2(73).dll
2015-04-15 16:24 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 16:24 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 16:24 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 16:24 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 16:24 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 16:24 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 16:24 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 16:24 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 16:24 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 16:24 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 16:24 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 16:24 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 16:24 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 16:24 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 16:24 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic(41).dll
2015-04-15 16:24 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 16:24 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 16:24 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 16:24 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 16:24 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 16:24 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll(56).dll
2015-04-15 16:24 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win(71).dll
2015-04-15 16:24 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64(69).dll
2015-04-15 16:24 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu(70).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv(50).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32(48).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos(47).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore(60).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase(49).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel(57).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0(52).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt(55).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 16:24 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv(68).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest(65).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli(61).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss(59).exe
2015-04-15 16:24 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg(63).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv(44).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv(62).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32(58).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp(43).dll
2015-04-15 16:24 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 16:24 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 16:24 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 16:24 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass(51).exe
2015-04-15 16:24 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 16:24 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema(42).dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 16:24 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 16:24 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll(79).dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32(80).dll
2015-04-15 16:24 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 16:24 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32(77).dll
2015-04-15 16:24 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase(78).dll
2015-04-15 16:24 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli(81).dll
2015-04-15 16:24 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 16:24 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 16:24 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp(74).dll
2015-04-15 16:24 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 16:24 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 16:24 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 16:24 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 16:24 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 16:24 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 16:24 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil(46).dll
2015-04-15 16:24 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil(76).dll
2015-04-15 16:24 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet(67).dll
2015-04-15 16:24 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon(64).dll
2015-04-15 16:24 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet(83).dll
2015-04-15 16:24 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon(82).dll
2015-04-15 16:24 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3(53).dll
2015-04-15 16:24 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r(54).dll
2015-04-15 16:24 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 16:24 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 16:24 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32(45).dll
2015-04-15 16:24 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32(75).dll
2015-04-15 16:24 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 16:23 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 16:23 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 16:23 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-02 02:26 - 2015-04-02 02:26 - 00169992 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\psmounterex.sys
2015-03-28 10:17 - 2015-03-28 10:17 - 00000000 ____D () C:\Users\transit\AppData\Local\NVIDIA
2015-03-28 10:10 - 2015-04-16 18:05 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-28 10:10 - 2015-03-28 10:10 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-03-28 10:09 - 2015-03-28 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-03-28 10:09 - 2015-02-05 19:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-03-28 09:49 - 2015-03-28 09:49 - 00000998 _____ () C:\Users\transit\Desktop\Apple iPhone - Snelkoppeling.lnk
2015-03-28 09:09 - 2015-03-28 09:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-03-28 09:05 - 2015-03-28 09:05 - 00000382 _____ () C:\Windows\DirectX.log
2015-03-28 09:04 - 2015-03-28 09:04 - 00002210 _____ () C:\Users\transit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-26 22:54 - 2012-05-17 09:39 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-26 22:35 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-26 22:35 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-26 22:31 - 2011-12-07 17:27 - 01783937 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 22:29 - 2015-03-20 19:32 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-04-26 22:29 - 2015-03-20 15:15 - 00009769 _____ () C:\Windows\setupact.log
2015-04-26 22:29 - 2011-09-06 00:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-26 22:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-26 18:38 - 2009-07-14 07:08 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-26 18:26 - 2014-05-05 17:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-26 18:01 - 2012-05-17 11:43 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-26 15:24 - 2012-05-15 20:12 - 00000000 ____D () C:\Users\transit\AppData\Roaming\TeamViewer
2015-04-26 14:35 - 2014-01-26 21:36 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{401E2AD1-3D61-4E10-AEA2-12D09233DAF5}
2015-04-26 13:27 - 2011-05-16 16:47 - 00854064 _____ () C:\Windows\system32\perfh013.dat
2015-04-26 13:27 - 2011-05-16 16:47 - 00192888 _____ () C:\Windows\system32\perfc013.dat
2015-04-26 13:27 - 2009-07-14 07:13 - 01943218 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-24 23:43 - 2015-03-24 16:22 - 00002012 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2015-04-24 18:07 - 2014-01-22 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-04-24 18:07 - 2014-01-22 09:47 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect
2015-04-24 08:31 - 2015-03-20 15:14 - 00015296 _____ () C:\Windows\PFRO.log
2015-04-24 06:35 - 2012-04-27 12:53 - 00000000 ____D () C:\Users\transit\AppData\Local\Deployment
2015-04-24 06:35 - 2011-12-07 17:47 - 00000000 ____D () C:\Users\transit\AppData\Local\Google
2015-04-24 06:35 - 2011-12-07 17:28 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-23 22:15 - 2011-12-15 11:06 - 00000000 ____D () C:\Users\transit\AppData\Local\Adobe
2015-04-23 22:14 - 2015-01-04 18:48 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-04-23 22:14 - 2011-07-18 23:06 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-23 22:09 - 2014-03-25 15:03 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-23 22:08 - 2014-03-25 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-22 21:46 - 2014-05-05 17:27 - 00000000 ____D () C:\Windows\hpojj4500
2015-04-22 21:23 - 2014-05-05 17:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-22 19:21 - 2011-12-07 17:33 - 00000000 ____D () C:\Users\transit
2015-04-22 18:20 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-22 14:18 - 2015-01-09 15:33 - 00000000 ____D () C:\Windows\system32\log
2015-04-19 13:02 - 2009-07-14 06:45 - 00358224 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-18 23:34 - 2011-12-07 17:34 - 00088536 _____ () C:\Users\transit\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-18 15:01 - 2014-10-04 13:34 - 00000000 ____D () C:\Users\transit\AppData\Local\Unity
2015-04-18 13:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-18 12:38 - 2012-01-25 15:36 - 01916950 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-18 11:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-04-18 11:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2015-04-18 11:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-04-18 11:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-04-18 11:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-18 10:09 - 2015-03-23 19:57 - 00001829 _____ () C:\Windows\system32\ScanResults.xml
2015-04-18 10:04 - 2015-03-23 19:55 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-04-17 15:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-17 15:08 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-04-17 15:08 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-04-17 15:07 - 2011-04-12 10:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-04-17 15:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2015-04-17 15:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2015-04-17 14:54 - 2012-05-17 09:39 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-17 14:54 - 2012-05-17 09:39 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-17 14:54 - 2011-08-10 21:09 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-17 14:18 - 2015-03-02 15:33 - 00000000 ____D () C:\Users\DefaultAppPool
2015-04-17 14:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-16 19:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 18:06 - 2014-12-11 04:23 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 18:06 - 2014-04-30 15:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 18:05 - 2014-03-25 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-16 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-16 03:13 - 2013-08-15 08:48 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 03:05 - 2011-07-18 22:31 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 16:50 - 2015-03-10 14:26 - 00000000 ____D () C:\ProgramData\5786049068603124795
2015-04-14 09:37 - 2014-05-05 17:19 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-05-05 17:19 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-05-05 17:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-28 10:09 - 2014-05-02 17:27 - 00000000 ____D () C:\temp
2015-03-28 10:09 - 2011-08-11 23:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-28 10:09 - 2011-08-11 23:22 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-28 09:10 - 2011-07-18 22:51 - 00000000 ____D () C:\Program Files (x86)\Windows Live
==================== Files in the root of some directories =======
2012-05-15 16:33 - 2012-05-15 16:33 - 0002116 _____ () C:\Program Files (x86)\INSTALL.LOG
2011-12-07 20:25 - 2011-12-07 20:25 - 0020816 _____ () C:\Users\transit\AppData\Roaming\UserTile.png
2013-12-19 14:17 - 2014-10-09 13:17 - 0000167 _____ () C:\Users\transit\AppData\Roaming\WB.CFG
2014-05-05 19:19 - 2014-05-05 19:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-01-08 23:52 - 2012-01-08 23:52 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2012-01-09 00:09 - 2012-01-09 00:09 - 0000252 _____ () C:\ProgramData\FastPics.log
2014-05-04 19:58 - 2014-05-05 19:15 - 0015205 _____ () C:\ProgramData\hpzinstall.log
2014-05-02 19:33 - 2014-05-02 19:33 - 0000256 _____ () C:\ProgramData\lxee.log
2012-01-09 00:13 - 2012-02-14 10:43 - 0046798 _____ () C:\ProgramData\lxeeJSW.log
2012-01-08 23:57 - 2014-05-02 19:33 - 0109051 _____ () C:\ProgramData\lxeescan.log
2012-01-08 23:52 - 2012-01-08 23:52 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2012-01-08 23:52 - 2012-01-08 23:52 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
Some content of TEMP:
====================
C:\Users\transit\AppData\Local\Temp\jre-8u45-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-24 06:55
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015
Ran by transit at 2015-04-26 23:00:30
Running from C:\Users\transit\Desktop\stappen\01 - scan analyse
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Total Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Total Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
Belgium e-ID middleware 4.0.5 (build 7363) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207363}) (Version: 4.0.7363 - Belgian Government)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DealPly (HKU\.DEFAULT\...\DealPly) (Version: - ) <==== ATTENTION
DJ2540FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
FoxTab PDF Creator (HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\...\FoxTab PDF Creator) (Version: - ) <==== ATTENTION
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Deskjet 2540 series Basissoftware van het apparaat (HKLM\...\{A7F14256-6DC6-458A-A92D-B5EEF79429AB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32\...\{50467ECF-F6A9-40EC-A649-67EB6FAD9894}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7299 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware versie 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3839137701-2974941544-2065132041-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable (HKLM-x32\...\{C19B3EB6-B54C-3204-A4DF-88432E0C79F7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 4.0.0.2117 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.0.2117 - TomTom)
NVIDIA 3D Vision stuurprogramma 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Productverbeteringsonderzoek voor HP Deskjet 2540 series (HKLM\...\{08FB88A2-3FB6-4E82-AD55-393EBAD0E967}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: - )
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) (HKLM\...\3FE3642036A0F4AEC17772437CE14BB1E67006AA) (Version: 10/04/2011 4.0.0.5 - Fedict)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WPT Redistributables (x32 Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (x32 Version: 8.59.29722 - Microsoft) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3839137701-2974941544-2065132041-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\transit\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3839137701-2974941544-2065132041-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\transit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3839137701-2974941544-2065132041-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\transit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3839137701-2974941544-2065132041-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\transit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3839137701-2974941544-2065132041-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\transit\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3839137701-2974941544-2065132041-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\transit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3839137701-2974941544-2065132041-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\transit\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
26-04-2015 15:28:18 End of disinfection
26-04-2015 18:29:26 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {004A59DD-0CD0-48FE-AD8E-50037D0B5211} - System32\Tasks\{81C5B759-FF0B-46CE-84A8-89D669780F07} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {07511566-5EFA-44D8-B54A-96A839FB4940} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {08AD675C-78E2-4C28-A195-03D5E3092C32} - System32\Tasks\{ED19E1C3-8C8E-4068-ABBB-3F14C0916900} => C:\digosoft\digo.exe [2012-05-21] ()
Task: {0EF33F4E-247B-4A59-8ECC-AF1CD752B9A3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {1151529D-38AE-46EC-A02B-1363A1A8D351} - System32\Tasks\{97043C5F-54E3-4B29-90E1-55167C3C6216} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {126D4E91-3891-4847-BAC8-47720DEE87F7} - System32\Tasks\{A80688EE-9AEB-414D-AC41-9BCEF6B0A689} => C:\Users\transit\Desktop\POLAX\polax\Polax.exe
Task: {1CCC9F0E-4523-4FF0-8190-DCABF2C96743} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {1E8A395B-EA24-4F17-A9B9-5DCBC117B411} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {1FDB7AF3-6786-4302-8BCD-5E78A5EB1322} - System32\Tasks\{87DCE43B-5D3C-4981-81B8-CEB1BB2F98AE} => pcalua.exe -a C:\Users\transit\Desktop\windows-live-messenger.exe -d C:\Users\transit\Desktop
Task: {2915B59A-96C8-413C-A63A-7B77B25EEE95} - System32\Tasks\{E6B6C12B-5E62-46A2-8B7B-01F892CD7BA3} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {2D5904E5-E1C4-4A0F-AACA-053FA1F77000} - System32\Tasks\{BECA6EBB-F09F-40F9-999B-6BEACA975A2F} => C:\Users\transit\Desktop\POLAX\polax\Polax.exe
Task: {2F30E610-459D-4D12-BD13-0ABB00195095} - System32\Tasks\{476E3058-9339-41F6-8093-F6DAEF21E489} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {3F6AF2EE-DC50-42CD-B263-93F949D28BA8} - System32\Tasks\{27219742-9C26-4399-988F-BEC36EBA342D} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {451ED1C6-E3C9-493D-9153-E7A4C10FBB45} - System32\Tasks\{A524AE01-64F6-4CF1-B185-84C161D68BE2} => C:\digosoft\digo.exe [2012-05-21] ()
Task: {4CDD61AC-272E-4E8F-BBE7-A5393D517E81} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-24] (Google Inc.)
Task: {5C676637-9DF8-4509-90A0-6E757725816D} - System32\Tasks\{50C37B14-2259-4BCD-B52E-783030EF8F71} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe [2014-08-30] (Kaspersky Lab ZAO)
Task: {6CF08229-C3E1-464D-9312-FF1BF08D0168} - System32\Tasks\{D01BDC77-7FD7-4F19-906D-BEBBA2C8913B} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {7226CC10-B3A4-459C-92A5-8C0B954CF9AC} - System32\Tasks\{1E44404E-8B72-452D-8498-10DBE60EBF0C} => C:\digosoft\digo.exe [2012-05-21] ()
Task: {790CA437-1925-47B9-BBF9-AF4335C11EB7} - System32\Tasks\{A02B6ABC-C50D-4680-8DE7-FE0BDDBE7928} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {7A4E990B-41D0-4B85-ACC0-A704048BF869} - System32\Tasks\{3A580740-5F12-4B2B-8145-B4F2CE15A9E3} => pcalua.exe -a "C:\Users\transit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYUPHMOW\pure9.1.0.124nl.exe" -d C:\Users\transit\Desktop
Task: {808A239B-CB70-4D90-AB08-AB860F7264F8} - System32\Tasks\{F00A7E00-4D5B-4D15-BFF3-9B4AAB175A3D} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {9F41D46B-DAA2-4CDC-A46D-623B99643A20} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {A6CC5361-E4B6-4588-9DFF-9052C8B45294} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A939B57B-4C43-48E4-8DAE-6DEFE4B00EAD} - System32\Tasks\{2B42464D-0E58-47A4-BDC6-382E841EBACE} => C:\digosoft\digo.exe [2012-05-21] ()
Task: {AA04715B-CD3D-4F3C-B269-FEE890575CDB} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {B322BBB8-3653-4A4E-985A-4D968C505D33} - System32\Tasks\{9514EDF2-1A91-4E9F-A395-CB65BC391C6E} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe [2014-08-30] (Kaspersky Lab ZAO)
Task: {B4B832A9-9CF0-4976-AE45-B9914FBF119F} - System32\Tasks\{49A2827B-1E9E-4142-91E3-550C21B01A4D} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {C2F93822-6370-4737-9FED-70C4EDDC985B} - System32\Tasks\{0E904838-A6D6-49E6-94C9-9148A50BB3EE} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {C536211A-2615-4B22-95BC-9D101DC8BE33} - System32\Tasks\{F6EA5C37-FEF5-467C-ABDE-771B8D998DCB} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {C6164765-A807-4382-806E-5CA51469142A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {CA1E189F-5F29-4FC4-8EEA-DEF423E7D23B} - System32\Tasks\{17EFE308-059E-46D6-8B1C-70226613F8D6} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {DCF6A5C4-1955-415D-9FCB-28D6E13E67E7} - System32\Tasks\{7D4AD985-F398-41DA-A952-F9C1266F2381} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {DDF08966-2A52-4923-8C81-EF4A0BEAE5FA} - System32\Tasks\{A1E12A37-0C30-495B-8528-02D0F981C87C} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {E030BAE9-671C-4B06-B532-01D38F6263C8} - System32\Tasks\{687B5129-7122-4341-80E4-56FEE542F839} => C:\POLAX\Polax.exe [2001-12-27] ()
Task: {E212C79A-5141-40D2-AEB5-18D833D0336C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F974BBCB-2D4D-44FD-87E2-01CD6FE2EA96} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-24] (Google Inc.)
Task: {FAEAA3EA-2394-4704-9FA8-E0E353FA964C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2012-01-09 00:18 - 2009-05-18 09:40 - 00053760 _____ () C:\Windows\System32\LXEEPMON.DLL
2012-01-09 00:18 - 2009-01-13 15:15 - 04485120 _____ () C:\Windows\System32\LXEEOEM.DLL
2012-01-08 23:58 - 2009-11-04 15:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeedrpp.dll
2014-05-05 20:56 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\kpcengine.2.3.dll
2015-04-24 09:12 - 2015-04-24 09:12 - 00140288 _____ () C:\Program Files (x86)\MyDrive Connect\quazip.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 00878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 00038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 17:08 - 2014-09-11 17:08 - 00015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3839137701-2974941544-2065132041-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\transit\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3839137701-2974941544-2065132041-1007\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\MEDION\Wallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^transit^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SuperOptimizer.lnk => C:\Windows\pss\SuperOptimizer.lnk.Startup
==================== Accounts: =============================
Administrator (S-1-5-21-3839137701-2974941544-2065132041-500 - Administrator - Disabled)
Gast (S-1-5-21-3839137701-2974941544-2065132041-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3839137701-2974941544-2065132041-1010 - Limited - Enabled)
transit (S-1-5-21-3839137701-2974941544-2065132041-1002 - Administrator - Enabled) => C:\Users\transit
UpdatusUser (S-1-5-21-3839137701-2974941544-2065132041-1007 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter
Description: Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8192su
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/26/2015 10:34:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: PSIA.exe, versie: 3.0.0.10004, tijdstempel: 0x54784a82
Naam van module met fout: PSIA.exe, versie: 3.0.0.10004, tijdstempel: 0x54784a82
Uitzonderingscode: 0x40000015
Foutoffset: 0x00093534
Id van proces met fout: 0xa48
Starttijd van toepassing met fout: 0xPSIA.exe0
Pad naar toepassing met fout: PSIA.exe1
Pad naar module met fout: PSIA.exe2
Rapport-id: PSIA.exe3
Error: (04/26/2015 10:23:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: PSIA.exe, versie: 3.0.0.10004, tijdstempel: 0x54784a82
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x0025ff90
Id van proces met fout: 0xa2c
Starttijd van toepassing met fout: 0xPSIA.exe0
Pad naar toepassing met fout: PSIA.exe1
Pad naar module met fout: PSIA.exe2
Rapport-id: PSIA.exe3
Error: (04/26/2015 10:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: PSIA.exe, versie: 3.0.0.10004, tijdstempel: 0x54784a82
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0xeeffee01
Id van proces met fout: 0x888
Starttijd van toepassing met fout: 0xPSIA.exe0
Pad naar toepassing met fout: PSIA.exe1
Pad naar module met fout: PSIA.exe2
Rapport-id: PSIA.exe3
Error: (04/24/2015 06:13:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: digo.exe, versie: 0.0.0.0, tijdstempel: 0x41bdebae
Naam van module met fout: VFP9r.dll, versie: 9.0.0.7423, tijdstempel: 0x49a31c32
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00029842
Id van proces met fout: 0x1334
Starttijd van toepassing met fout: 0xdigo.exe0
Pad naar toepassing met fout: digo.exe1
Pad naar module met fout: digo.exe2
Rapport-id: digo.exe3
Error: (04/24/2015 05:37:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: Explorer.EXE, versie: 6.1.7601.17567, tijdstempel: 0x4d672ee4
Naam van module met fout: wwanapi.dll, versie: 6.1.7600.16385, tijdstempel: 0x4a5be0a8
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000000333eb
Id van proces met fout: 0x24c
Starttijd van toepassing met fout: 0xExplorer.EXE0
Pad naar toepassing met fout: Explorer.EXE1
Pad naar module met fout: Explorer.EXE2
Rapport-id: Explorer.EXE3
Error: (04/23/2015 09:58:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd.
.
Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces.
Bewerking:
Schrijvergegevens verzamelen
Context:
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {c43fcb9c-f1cf-469a-8bd8-5318e5f13078}
Error: (04/23/2015 06:45:22 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd.
.
Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces.
Bewerking:
Schrijvergegevens verzamelen
Context:
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {0c7e9f5c-af52-43b9-a546-987fbf35d1a7}
Error: (04/23/2015 06:41:44 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd.
.
Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces.
Bewerking:
Schrijvergegevens verzamelen
Context:
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {e8fca787-d916-43a1-8128-09e9346faff3}
System errors:
=============
Error: (04/26/2015 10:34:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Secunia PSI Agent-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.
Error: (04/26/2015 10:24:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Secunia PSI Agent-service is onverwacht beëindigd. Dit is nu 2 keer gebeurd.
Error: (04/26/2015 10:03:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Secunia PSI Agent-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.
Error: (04/26/2015 06:40:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Servicebesturingsbeheer heeft na het onverwachte afsluiten van de IKE and AuthIP IPsec Keying Modules-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt:
%%1056
Error: (04/26/2015 06:40:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Servicebesturingsbeheer heeft na het onverwachte afsluiten van de User Profile Service-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt:
%%1056
Error: (04/26/2015 06:40:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Servicebesturingsbeheer heeft na het onverwachte afsluiten van de Windows Management Instrumentation-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt:
%%1056
Error: (04/26/2015 06:39:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Servicebesturingsbeheer heeft na het onverwachte afsluiten van de Server-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt:
%%1056
Error: (04/26/2015 06:38:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Management Instrumentation-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten.
Error: (04/26/2015 06:38:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Themes-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten.
Error: (04/26/2015 06:38:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Shell Hardware Detection-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten.
Microsoft Office Sessions:
=========================
Error: (04/26/2015 10:34:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a824000001500093534a4801d0805fb66dd6d2C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exeaf852374-ec53-11e4-a761-8c89a57d6dd6
Error: (04/26/2015 10:23:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c00000050025ff90a2c01d0805de30ed3f9C:\Program Files (x86)\Secunia\PSI\PSIA.exeunknown2aeaadc5-ec52-11e4-8a69-8c89a57d6dd6
Error: (04/26/2015 10:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c0000005eeffee0188801d0805a83c5d39dC:\Program Files (x86)\Secunia\PSI\PSIA.exeunknown48fb07ec-ec4f-11e4-8a69-8c89a57d6dd6
Error: (04/24/2015 06:13:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: digo.exe0.0.0.041bdebaeVFP9r.dll9.0.0.742349a31c32c000000500029842133401d07ea90537c326C:\digosoft\digo.exeC:\Program Files (x86)\Common Files\microsoft shared\VFP\VFP9r.dllcecb6e61-ea9c-11e4-9697-8c89a57d6dd6
Error: (04/24/2015 05:37:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4wwanapi.dll6.1.7600.163854a5be0a8c000000500000000000333eb24c01d07ea469b2b629C:\Windows\Explorer.EXEC:\Windows\system32\wwanapi.dlld3263667-ea97-11e4-9620-8c89a57d6dd6
Error: (04/23/2015 09:58:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Toegang geweigerd.
Bewerking:
Schrijvergegevens verzamelen
Context:
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {c43fcb9c-f1cf-469a-8bd8-5318e5f13078}
Error: (04/23/2015 06:45:22 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Toegang geweigerd.
Bewerking:
Schrijvergegevens verzamelen
Context:
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {0c7e9f5c-af52-43b9-a546-987fbf35d1a7}
Error: (04/23/2015 06:41:44 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Toegang geweigerd.
Bewerking:
Schrijvergegevens verzamelen
Context:
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {e8fca787-d916-43a1-8128-09e9346faff3}
CodeIntegrity Errors:
===================================
Date: 2012-04-26 10:59:24.325
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Users\transit\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2012-04-26 10:59:24.315
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Users\transit\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
==================== Memory info ===========================
Processor: Intel® Core i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 32%
Total physical RAM: 4077.64 MB
Available physical RAM: 2732.7 MB
Total Pagefile: 8153.47 MB
Available Pagefile: 6599.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:1754.25 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:46.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
Farbar Service Scanner Version: 17-01-2015
Ran by transit (administrator) on 26-04-2015 at 23:04:24
Running from "C:\Users\transit\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
System Restore Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****