Virus ang låst DNS 127.0.0.1

Jeg har fået et eller andet der låser min DNS til 127.0.0.1 selv om jeg gerne vil have en automatisk som linker op på min youSee forbindelse.
Jeg har testet godt og grundig igennem - med Bitdefender Internet sercurity 2017, Malwarebytes osv osv, men det er åbenbart gemt godt!

Jeg har kørt en rapport med OTL:

OTL logfile created on: 22-01-2017 11:17:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Keld\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

12,00 Gb Total Physical Memory | 7,25 Gb Available Physical Memory | 60,39% Memory free
13,81 Gb Paging File | 8,43 Gb Available in Paging File | 61,02% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 930,63 Gb Total Space | 758,10 Gb Free Space | 81,46% Space Free | Partition Type: NTFS
Drive E: | 2794,39 Gb Total Space | 2078,00 Gb Free Space | 74,36% Space Free | Partition Type: NTFS
Drive H: | 2794,39 Gb Total Space | 1663,43 Gb Free Space | 59,53% Space Free | Partition Type: NTFS

Computer Name: KELD-PC | User Name: Keld | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found –
PRC - [2017-01-22 10:48:07 | 000,602,112 | ---- | M] (OldTimer Tools) – C:\Users\Keld\Downloads\OTL.exe
PRC - [2017-01-13 15:20:28 | 001,106,432 | ---- | M] (Heimdal Security) – C:\Program Files (x86)\Heimdal\Heimdal.Agent.exe
PRC - [2017-01-13 15:20:28 | 000,084,992 | ---- | M] (Heimdal Security) – C:\Program Files (x86)\Heimdal\Heimdal.ClientHost.exe
PRC - [2017-01-13 15:20:28 | 000,060,416 | ---- | M] (Heimdal Security) – C:\Program Files (x86)\Heimdal\Heimdal.SecureDNS.exe
PRC - [2017-01-11 15:00:04 | 006,004,512 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2017-01-10 13:36:14 | 003,076,384 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2017-01-10 13:36:12 | 001,740,576 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2017-01-06 01:03:50 | 026,287,016 | ---- | M] (Dropbox, Inc.) – C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
PRC - [2016-12-22 09:48:20 | 004,915,344 | ---- | M] (AgileBits) – C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
PRC - [2016-12-17 08:41:55 | 000,288,920 | ---- | M] (Google Inc.) – C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
PRC - [2016-12-15 12:55:38 | 010,351,856 | ---- | M] (TeamViewer GmbH) – C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2016-12-08 08:29:38 | 000,935,768 | ---- | M] (Google Inc.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2016-11-10 16:17:44 | 003,331,872 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016-11-04 08:33:56 | 000,100,088 | ---- | M] (TomTom) – C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2016-10-31 14:29:50 | 003,076,896 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016-10-28 15:47:25 | 001,100,392 | ---- | M] (Bitdefender) – C:\Programmer\Bitdefender Agent\ProductAgentService.exe
PRC - [2016-10-28 14:54:10 | 000,360,736 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
PRC - [2016-10-18 14:17:02 | 002,275,104 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016-10-14 10:37:14 | 000,462,624 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2016-09-20 10:30:12 | 015,067,000 | ---- | M] (Softland) – E:\Program Files (x86)\Softland\FBackup 6\bTray.exe
PRC - [2016-09-20 10:29:00 | 005,117,304 | ---- | M] (Softland) – E:\Program Files (x86)\Softland\FBackup 6\bService.exe
PRC - [2016-07-29 13:57:32 | 003,046,688 | ---- | M] (IObit) – C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2016-07-16 12:43:01 | 000,202,752 | ---- | M] (Microsoft Corporation) – C:\Windows\SysWOW64\cmd.exe
PRC - [2016-06-23 17:56:00 | 003,498,720 | ---- | M] (Adobe Systems Inc.) – E:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
PRC - [2016-06-14 21:03:38 | 002,397,120 | ---- | M] (NVIDIA Corporation) – C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016-06-14 21:03:22 | 001,879,488 | ---- | M] (NVIDIA Corporation) – C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016-03-03 02:59:34 | 002,021,056 | ---- | M] (Adobe Systems, Incorporated) – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
PRC - [2016-02-29 11:15:56 | 000,573,952 | ---- | M] (Cisco Systems, Inc.) – C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2015-12-21 11:16:36 | 000,269,824 | ---- | M] () – C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
PRC - [2015-08-14 13:03:22 | 000,104,128 | ---- | M] (VMware, Inc.) – E:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2015-08-14 13:03:20 | 000,391,872 | ---- | M] (VMware, Inc.) – C:\Windows\SysWOW64\vmnat.exe
PRC - [2015-08-14 13:03:14 | 000,358,080 | ---- | M] (VMware, Inc.) – C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2015-08-14 12:43:38 | 000,089,792 | ---- | M] (VMware, Inc.) – E:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2015-08-11 13:42:38 | 000,083,312 | ---- | M] (X-Rite Inc.) – C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
PRC - [2015-07-09 12:15:34 | 000,253,528 | ---- | M] () – C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2015-01-09 08:47:08 | 000,235,624 | ---- | M] (CANON INC.) – C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2014-10-01 13:50:46 | 008,451,392 | ---- | M] (TechSmith Corporation) – C:\Program Files (x86)\TechSmith\Snagit 12\snagiteditor.exe
PRC - [2014-10-01 13:50:46 | 000,138,048 | ---- | M] (TechSmith Corporation) – C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
PRC - [2014-10-01 13:50:44 | 007,343,424 | ---- | M] (TechSmith Corporation) – C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
PRC - [2014-10-01 13:47:54 | 000,046,080 | ---- | M] (TechSmith Corporation) – C:\Program Files (x86)\TechSmith\Snagit 12\TSCHelp.exe

========== Modules (No Company Name) ==========

MOD - [2017-01-06 01:04:24 | 000,022,360 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
MOD - [2017-01-06 01:04:22 | 000,025,432 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
MOD - [2017-01-06 01:04:22 | 000,024,920 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
MOD - [2017-01-06 01:04:22 | 000,023,384 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
MOD - [2017-01-06 01:04:22 | 000,020,816 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
MOD - [2017-01-06 01:04:22 | 000,020,808 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
MOD - [2017-01-06 01:04:22 | 000,020,296 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
MOD - [2017-01-06 01:04:22 | 000,019,792 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
MOD - [2017-01-06 01:04:20 | 000,037,200 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
MOD - [2017-01-06 01:04:20 | 000,021,328 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
MOD - [2017-01-06 01:04:18 | 000,381,760 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
MOD - [2017-01-06 01:04:16 | 000,019,776 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
MOD - [2017-01-06 01:04:12 | 003,928,896 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
MOD - [2017-01-06 01:04:10 | 000,224,064 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
MOD - [2017-01-06 01:04:10 | 000,171,336 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
MOD - [2017-01-06 01:04:10 | 000,133,432 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
MOD - [2017-01-06 01:04:08 | 000,546,104 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
MOD - [2017-01-06 01:04:08 | 000,357,688 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
MOD - [2017-01-06 01:04:08 | 000,042,816 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
MOD - [2017-01-06 01:04:06 | 001,972,536 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
MOD - [2017-01-06 01:04:06 | 000,531,264 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
MOD - [2017-01-06 01:04:06 | 000,207,680 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
MOD - [2017-01-06 01:04:04 | 001,826,104 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
MOD - [2017-01-06 01:04:02 | 000,052,032 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
MOD - [2017-01-06 01:04:02 | 000,024,400 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
MOD - [2017-01-06 01:04:00 | 000,038,712 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
MOD - [2017-01-06 01:04:00 | 000,031,576 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled.enterprise_data.pyd
MOD - [2017-01-06 01:03:58 | 000,084,288 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
MOD - [2017-01-06 01:03:56 | 001,682,768 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings.openssl.pyd
MOD - [2017-01-06 01:03:56 | 000,026,464 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled.driverinstallation.pyd
MOD - [2017-01-06 01:03:56 | 000,020,816 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings.padding.pyd
MOD - [2017-01-06 01:03:54 | 000,020,824 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings.constant_time.pyd
MOD - [2017-01-06 01:03:54 | 000,020,288 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\cpuid.compiled.cpuid.pyd
MOD - [2017-01-06 01:03:52 | 000,246,608 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
MOD - [2016-12-22 03:04:04 | 000,293,392 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
MOD - [2016-12-08 08:29:44 | 001,829,208 | ---- | M] () – C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
MOD - [2016-12-08 08:29:43 | 000,085,848 | ---- | M] () – C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
MOD - [2016-12-08 02:08:48 | 001,631,184 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
MOD - [2016-12-08 02:08:48 | 000,017,864 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\libEGL.dll
MOD - [2016-12-08 02:04:26 | 000,350,152 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
MOD - [2016-12-08 02:04:26 | 000,116,176 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32security.pyd
MOD - [2016-12-08 02:04:26 | 000,048,592 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32service.pyd
MOD - [2016-12-08 02:04:26 | 000,028,616 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
MOD - [2016-12-08 02:04:24 | 000,060,880 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32print.pyd
MOD - [2016-12-08 02:04:24 | 000,043,472 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32process.pyd
MOD - [2016-12-08 02:04:24 | 000,030,160 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
MOD - [2016-12-08 02:04:24 | 000,024,016 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
MOD - [2016-12-08 02:04:22 | 000,175,560 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
MOD - [2016-12-08 02:04:12 | 000,124,880 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32file.pyd
MOD - [2016-12-08 02:04:12 | 000,057,808 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
MOD - [2016-12-08 02:04:12 | 000,024,528 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32event.pyd
MOD - [2016-12-08 02:04:12 | 000,024,016 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
MOD - [2016-12-08 02:04:10 | 000,105,928 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\win32api.pyd
MOD - [2016-12-08 02:04:10 | 000,020,936 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
MOD - [2016-12-08 02:02:10 | 000,241,104 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client_jpegtran.pyd
MOD - [2016-12-08 02:01:18 | 000,123,856 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client_cffi_backend.pyd
MOD - [2016-12-08 02:01:16 | 000,083,912 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\sip.pyd
MOD - [2016-12-08 02:01:16 | 000,019,408 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
MOD - [2016-12-08 02:00:26 | 000,100,296 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client_ctypes.pyd
MOD - [2016-12-08 02:00:26 | 000,035,792 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client_multiprocessing.pyd
MOD - [2016-12-08 02:00:20 | 000,694,224 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
MOD - [2016-12-08 02:00:16 | 000,145,864 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
MOD - [2016-12-08 02:00:16 | 000,018,888 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\select.pyd
MOD - [2016-12-08 02:00:14 | 000,392,144 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
MOD - [2016-12-08 02:00:14 | 000,116,688 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
MOD - [2016-12-08 01:57:22 | 000,036,296 | ---- | M] () – C:\Program Files (x86)\Dropbox\Client\librsync.dll
MOD - [2016-11-01 10:11:58 | 000,078,624 | ---- | M] () – C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll
MOD - [2016-09-26 13:59:22 | 000,631,072 | ---- | M] () – C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
MOD - [2016-09-26 13:59:22 | 000,631,072 | ---- | M] () – C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2016-09-20 10:16:24 | 000,481,280 | R— | M] () – E:\Program Files (x86)\Softland\FBackup 6\bResourceStrings.bpl
MOD - [2016-08-18 18:43:40 | 000,442,144 | ---- | M] () – C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept
.bpl
MOD - [2016-08-18 18:43:36 | 000,059,680 | ---- | M] () – C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm
.bpl
MOD - [2016-08-18 18:43:34 | 000,210,720 | ---- | M] () – C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic
.bpl
MOD - [2016-06-21 19:30:02 | 000,442,144 | ---- | M] () – C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept
.bpl
MOD - [2016-06-21 19:29:58 | 000,059,680 | ---- | M] () – C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm
.bpl
MOD - [2016-06-21 19:29:56 | 000,210,720 | ---- | M] () – C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic
.bpl
MOD - [2016-06-14 21:03:38 | 000,018,880 | ---- | M] () – C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015-12-28 13:50:58 | 000,899,872 | ---- | M] () – C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
MOD - [2015-12-28 13:50:58 | 000,899,872 | ---- | M] () – C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015-12-21 11:16:36 | 000,966,144 | ---- | M] () – C:\Program Files (x86)\Syncios\androidSyncCore_pdm.dll
MOD - [2015-12-21 11:16:36 | 000,398,848 | ---- | M] () – C:\Program Files (x86)\Syncios\DuiLib.dll
MOD - [2015-12-21 11:16:36 | 000,269,824 | ---- | M] () – C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MOD - [2015-12-21 11:16:36 | 000,176,128 | ---- | M] () – C:\Program Files (x86)\Syncios\driverMgr4Transfer_pdt.dll
MOD - [2015-12-18 16:51:50 | 000,073,728 | ---- | M] () – C:\Program Files (x86)\Syncios\generalFunc_pdt.dll
MOD - [2014-10-01 11:51:52 | 002,099,200 | ---- | M] () – C:\Program Files (x86)\TechSmith\Snagit 12\opencv_core249.dll
MOD - [2014-10-01 11:51:52 | 001,914,368 | ---- | M] () – C:\Program Files (x86)\TechSmith\Snagit 12\opencv_imgproc249.dll
MOD - [2014-10-01 11:51:52 | 000,050,688 | ---- | M] () – C:\Program Files (x86)\TechSmith\Snagit 12\ScrollingCapture.dll
MOD - [2012-09-23 20:44:10 | 000,010,240 | ---- | M] () – E:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\da_DK\AcroTray.DAN

========== Services (SafeList) ==========

SRV:64bit: - [2017-01-17 17:12:34 | 001,526,528 | ---- | M] (Bitdefender) [Auto | Running] – C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe – (vsserv)
SRV:64bit: - [2017-01-17 17:12:26 | 000,218,416 | ---- | M] (Bitdefender) [Auto | Running] – C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe – (UPDATESRV)
SRV:64bit: - [2017-01-06 01:04:24 | 000,051,504 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] – C:\Windows\SysNative\DbxSvc.exe – (DbxSvc)
SRV:64bit: - [2016-12-27 18:12:12 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\FrameServer.dll – (FrameServer)
SRV:64bit: - [2016-12-27 18:12:10 | 000,447,488 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\das.dll – (DeviceAssociationService)
SRV:64bit: - [2016-12-27 18:12:10 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\NetSetupSvc.dll – (NetSetupSvc)
SRV:64bit: - [2016-12-27 18:12:07 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\FlightSettings.dll – (wisvc)
SRV:64bit: - [2016-12-27 18:12:03 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\lsm.dll – (LSM)
SRV:64bit: - [2016-12-27 18:12:03 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\RDXService.dll – (RetailDemo)
SRV:64bit: - [2016-12-27 18:12:01 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\SensorDataService.exe – (SensorDataService)
SRV:64bit: - [2016-12-27 18:12:01 | 001,020,928 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\usermgr.dll – (UserManager)
SRV:64bit: - [2016-12-27 18:12:01 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\PhoneService.dll – (PhoneSvc)
SRV:64bit: - [2016-12-27 18:12:01 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\Windows.Internal.Management.dll – (DmEnrollmentSvc)
SRV:64bit: - [2016-12-27 18:12:01 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll – (EntAppSvc)
SRV:64bit: - [2016-12-27 18:12:01 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\RMapi.dll – (RmSvc)
SRV:64bit: - [2016-12-27 18:11:57 | 001,980,416 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\diagtrack.dll – (DiagTrack)
SRV:64bit: - [2016-12-27 18:11:57 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\ngcsvc.dll – (NgcSvc)
SRV:64bit: - [2016-12-27 18:11:57 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\bisrv.dll – (BrokerInfrastructure)
SRV:64bit: - [2016-12-27 18:11:57 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\SensorService.dll – (SensorService)
SRV:64bit: - [2016-12-27 18:11:57 | 000,203,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] – C:\Windows\SysNative\PimIndexMaintenance.dll – (PimIndexMaintenanceSvc)
SRV:64bit: - [2016-12-27 18:11:57 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\LicenseManagerSvc.dll – (LicenseManager)
SRV:64bit: - [2016-12-27 18:11:54 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\Windows.StateRepository.dll – (StateRepository)
SRV:64bit: - [2016-12-27 18:11:54 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\wlidsvc.dll – (wlidsvc)
SRV:64bit: - [2016-12-27 18:11:54 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\SysNative\moshost.dll – (MapsBroker)
SRV:64bit: - [2016-12-27 18:11:52 | 001,013,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\XblAuthManager.dll – (XblAuthManager)
SRV:64bit: - [2016-12-27 18:11:52 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\AppReadiness.dll – (AppReadiness)
SRV:64bit: - [2016-12-27 18:11:52 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\cdpsvc.dll – (CDPSvc)
SRV:64bit: - [2016-12-27 18:11:52 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvcext.dll – (vmicvss)
SRV:64bit: - [2016-12-27 18:11:52 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvcext.dll – (vmicrdv)
SRV:64bit: - [2016-12-27 18:11:52 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] – C:\Windows\SysNative\cdpusersvc.dll – (CDPUserSvc)
SRV:64bit: - [2016-12-27 18:11:52 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmicvmsession)
SRV:64bit: - [2016-12-27 18:11:52 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmictimesync)
SRV:64bit: - [2016-12-27 18:11:52 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmicshutdown)
SRV:64bit: - [2016-12-27 18:11:52 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmickvpexchange)
SRV:64bit: - [2016-12-27 18:11:52 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmicheartbeat)
SRV:64bit: - [2016-12-27 18:11:52 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\icsvc.dll – (vmicguestinterface)
SRV:64bit: - [2016-12-27 18:11:52 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\tzautoupdate.dll – (tzautoupdate)
SRV:64bit: - [2016-12-27 18:11:50 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\CoreMessaging.dll – (CoreMessagingRegistrar)
SRV:64bit: - [2016-12-27 18:11:50 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\smphost.dll – (smphost)
SRV:64bit: - [2016-12-21 07:51:53 | 002,275,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\AppXDeploymentServer.dll – (AppXSvc)
SRV:64bit: - [2016-12-14 06:33:21 | 000,822,624 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\AppVClient.exe – (AppVClient)
SRV:64bit: - [2016-12-14 05:43:24 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\ScDeviceEnum.dll – (ScDeviceEnum)
SRV:64bit: - [2016-12-14 05:36:59 | 000,539,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\usocore.dll – (UsoSvc)
SRV:64bit: - [2016-12-14 05:23:43 | 001,231,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\SysNative\dosvc.dll – (DoSvc)
SRV:64bit: - [2016-11-02 11:22:02 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\AudioEndpointBuilder.dll – (AudioEndpointBuilder)
SRV:64bit: - [2016-07-17 01:14:19 | 001,227,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\AgentService.exe – (UevAgentService)
SRV:64bit: - [2016-07-17 01:14:14 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\appmgmts.dll – (AppMgmt)
SRV:64bit: - [2016-07-16 12:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\wiarpc.dll – (WiaRpc)
SRV:64bit: - [2016-07-16 12:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\WalletService.dll – (WalletService)
SRV:64bit: - [2016-07-16 12:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\NcaSvc.dll – (NcaSvc)
SRV:64bit: - [2016-07-16 12:43:10 | 001,836,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\workfolderssvc.dll – (workfolderssvc)
SRV:64bit: - [2016-07-16 12:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\NcdAutoSetup.dll – (NcdAutoSetup)
SRV:64bit: - [2016-07-16 12:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll – (shpamsvc)
SRV:64bit: - [2016-07-16 12:42:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\XboxNetApiSvc.dll – (XboxNetApiSvc)
SRV:64bit: - [2016-07-16 12:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\dmwappushsvc.dll – (dmwappushservice)
SRV:64bit: - [2016-07-16 12:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\efssvc.dll – (EFS)
SRV:64bit: - [2016-07-16 12:42:37 | 000,718,848 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wcmsvc.dll – (Wcmsvc)
SRV:64bit: - [2016-07-16 12:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\dcpsvc.dll – (DcpSvc)
SRV:64bit: - [2016-07-16 12:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\SysNative\netlogon.dll – (Netlogon)
SRV:64bit: - [2016-07-16 12:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\keyiso.dll – (KeyIso)
SRV:64bit: - [2016-07-16 12:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe – (diagnosticshub.standardcollector.service)
SRV:64bit: - [2016-07-16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\svchost.exe – (WpnUserService_1673c1)
SRV:64bit: - [2016-07-16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\svchost.exe – (UserDataSvc_1673c1)
SRV:64bit: - [2016-07-16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\svchost.exe – (UnistoreSvc_1673c1)
SRV:64bit: - [2016-07-16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\svchost.exe – (PimIndexMaintenanceSvc_1673c1)
SRV:64bit: - [2016-07-16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\svchost.exe – (OneSyncSvc_1673c1)
SRV:64bit: - [2016-07-16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\svchost.exe – (MessagingService_1673c1)
SRV:64bit: - [2016-07-16 12:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\svchost.exe – (CDPUserSvc_1673c1)
SRV:64bit: - [2016-07-16 12:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] – C:\Windows\SysNative\APHostService.dll – (OneSyncSvc)
SRV:64bit: - [2016-07-16 12:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\wephostsvc.dll – (WEPHOSTSVC)
SRV:64bit: - [2016-07-16 12:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\TieringEngineService.exe – (TieringEngineService)
SRV:64bit: - [2016-07-16 12:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\fhsvc.dll – (fhsvc)
SRV:64bit: - [2016-07-16 12:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\svsvc.dll – (svsvc)
SRV:64bit: - [2016-07-16 12:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\SmsRouterSvc.dll – (SmsRouter)
SRV:64bit: - [2016-07-16 12:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\netprofmsvc.dll – (netprofm)
SRV:64bit: - [2016-07-16 12:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] – C:\Windows\SysNative\MessagingService.dll – (MessagingService)
SRV:64bit: - [2016-07-16 12:42:09 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] – C:\Windows\SysNative\UserDataService.dll – (UserDataSvc)
SRV:64bit: - [2016-07-16 12:42:09 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] – C:\Windows\SysNative\Unistore.dll – (UnistoreSvc)
SRV:64bit: - [2016-07-16 12:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\tileobjserver.dll – (tiledatamodelsvc)
SRV:64bit: - [2016-07-16 12:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\SystemEventsBrokerServer.dll – (SystemEventsBroker)
SRV:64bit: - [2016-07-16 12:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\vaultsvc.dll – (VaultSvc)
SRV:64bit: - [2016-07-16 12:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\ncbservice.dll – (NcbService)
SRV:64bit: - [2016-07-16 12:42:09 | 000,326,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\NgcCtnrSvc.dll – (NgcCtnrSvc)
SRV:64bit: - [2016-07-16 12:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wpnservice.dll – (WpnService)
SRV:64bit: - [2016-07-16 12:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\tetheringservice.dll – (icssvc)
SRV:64bit: - [2016-07-16 12:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\TimeBrokerServer.dll – (TimeBrokerSvc)
SRV:64bit: - [2016-07-16 12:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] – C:\Windows\SysNative\WpnUserService.dll – (WpnUserService)
SRV:64bit: - [2016-07-16 12:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\lfsvc.dll – (lfsvc)
SRV:64bit: - [2016-07-16 12:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\DevQueryBroker.dll – (DevQueryBroker)
SRV:64bit: - [2016-07-16 12:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\XblGameSave.dll – (XblGameSave)
SRV:64bit: - [2016-07-16 12:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\ClipSVC.dll – (ClipSVC)
SRV:64bit: - [2016-07-16 12:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\AJRouter.dll – (AJRouter)
SRV:64bit: - [2016-07-16 12:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\DeviceSetupManager.dll – (DsmSvc)
SRV:64bit: - [2016-07-16 12:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\dssvc.dll – (DsSvc)
SRV:64bit: - [2016-07-16 12:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\embeddedmodesvc.dll – (embeddedmode)
SRV:64bit: - [2016-07-16 12:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\hvhostsvc.dll – (HvHost)
SRV:64bit: - [2016-07-16 12:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll – (PrintNotify)
SRV:64bit: - [2016-07-16 12:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\BthHFSrv.dll – (BthHFSrv)
SRV:64bit: - [2012-05-16 23:00:00 | 000,144,560 | ---- | M] (Seiko Epson Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\escsvc64.exe – (EpsonScanSvc)
SRV - [2017-01-22 01:24:10 | 000,270,936 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe – (AdobeFlashPlayerUpdateSvc)
SRV - [2017-01-13 15:20:28 | 000,084,992 | ---- | M] (Heimdal Security) [Auto | Running] – C:\Program Files (x86)\Heimdal\Heimdal.ClientHost.exe – (Heimdal Client Host)
SRV - [2017-01-13 15:20:28 | 000,060,416 | ---- | M] (Heimdal Security) [Auto | Running] – C:\Program Files (x86)\Heimdal\Heimdal.SecureDNS.exe – (Heimdal SecureDNS)
SRV - [2017-01-10 13:36:12 | 001,740,576 | ---- | M] (IObit) [Auto | Running] – C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe – (IMFservice)
SRV - [2016-12-27 18:12:13 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\Windows.Internal.Management.dll – (DmEnrollmentSvc)
SRV - [2016-12-27 18:11:50 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysWOW64\Windows.StateRepository.dll – (StateRepository)
SRV - [2016-12-27 18:11:50 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\CoreMessaging.dll – (CoreMessagingRegistrar)
SRV - [2016-12-27 18:11:50 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\smphost.dll – (smphost)
SRV - [2016-12-25 16:37:04 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] – C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe – (MozillaMaintenance)
SRV - [2016-12-15 12:55:38 | 010,351,856 | ---- | M] (TeamViewer GmbH) [Auto | Running] – C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe – (TeamViewer)
SRV - [2016-12-14 13:13:42 | 004,317,648 | ---- | M] (Malwarebytes) [Auto | Running] – C:\Programmer\Malwarebytes\Anti-Malware\MBAMService.exe – (MBAMService)
SRV - [2016-12-12 17:10:58 | 000,111,296 | ---- | M] () [Auto | Running] – C:\Programmer\Jotta\vss\jVSS.exe – (Jotta VSS Service)
SRV - [2016-11-04 08:33:56 | 000,100,088 | ---- | M] (TomTom) [Auto | Running] – C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe – (TomTomHOMEService)
SRV - [2016-10-28 15:47:25 | 001,100,392 | ---- | M] (Bitdefender) [Auto | Running] – C:\Programmer\Bitdefender Agent\ProductAgentService.exe – (ProductAgentService)
SRV - [2016-10-28 14:54:10 | 000,360,736 | ---- | M] (IObit) [Auto | Running] – C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe – (IObitUnSvr)
SRV - [2016-10-14 10:37:14 | 000,462,624 | ---- | M] (IObit) [Auto | Running] – C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe – (AdvancedSystemCareService10)
SRV - [2016-09-20 10:29:00 | 005,117,304 | ---- | M] (Softland) [Auto | Running] – E:\Program Files (x86)\Softland\FBackup 6\bService.exe – (FBackup6Srv)
SRV - [2016-08-25 16:53:08 | 000,524,872 | ---- | M] (Bitdefender) [Auto | Running] – C:\Programmer\Bitdefender\Bitdefender 2017\vsservp.exe – (vsservp)
SRV - [2016-08-04 22:04:10 | 000,042,144 | ---- | M] (Pranas.NET) [Auto | Running] – C:\Program Files (x86)\Pranas.NET\MySQLBackupFTP\MySqlBFService.exe – (MySqlBF Service)
SRV - [2016-07-29 13:57:32 | 003,046,688 | ---- | M] (IObit) [Auto | Running] – C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe – (LiveUpdateSvc)
SRV - [2016-07-16 12:42:55 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] – C:\Windows\SysWOW64\Unistore.dll – (UnistoreSvc)
SRV - [2016-07-16 12:41:50 | 003,318,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll – (PrintNotify)
SRV - [2016-06-14 21:03:22 | 001,879,488 | ---- | M] (NVIDIA Corporation) [Auto | Running] – C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe – (NvNetworkService)
SRV - [2016-06-14 21:03:21 | 001,163,712 | ---- | M] (NVIDIA Corporation) [Auto | Running] – C:\Programmer\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe – (GfExperienceService)
SRV - [2016-06-14 21:03:09 | 002,521,024 | ---- | M] (NVIDIA Corporation) [Auto | Running] – C:\Programmer\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe – (NvStreamSvc)
SRV - [2016-06-14 21:03:08 | 003,632,576 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] – C:\Programmer\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe – (NvStreamNetworkSvc)
SRV - [2016-04-27 16:08:43 | 000,143,144 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe – (dbupdatem)
SRV - [2016-04-27 16:08:43 | 000,143,144 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] – C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe – (dbupdate)
SRV - [2016-04-22 07:56:22 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
SRV - [2016-03-09 10:41:18 | 000,232,192 | ---- | M] (NETGEAR) [On_Demand | Stopped] – C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe – (NETGEARGenieDaemon)
SRV - [2016-03-03 02:59:34 | 002,021,056 | ---- | M] (Adobe Systems, Incorporated) [Auto | Running] – C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe – (AGSService)
SRV - [2016-02-29 11:15:56 | 000,573,952 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] – C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe – (vpnagent)
SRV - [2015-08-27 15:19:39 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe – (FLEXnet Licensing Service)
SRV - [2015-08-16 16:28:45 | 003,783,672 | ---- | M] (Acronis) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe – (afcdpsrv)
SRV - [2015-08-14 13:03:20 | 000,391,872 | ---- | M] (VMware, Inc.) [Auto | Running] – C:\Windows\SysWOW64\vmnat.exe – (VMware NAT Service)
SRV - [2015-08-14 13:03:14 | 000,358,080 | ---- | M] (VMware, Inc.) [Auto | Running] – C:\Windows\SysWOW64\vmnetdhcp.exe – (VMnetDHCP)
SRV - [2015-08-14 13:02:14 | 012,465,344 | ---- | M] () [Auto | Stopped] – E:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe – (VMwareHostd)
SRV - [2015-08-14 12:43:38 | 000,089,792 | ---- | M] (VMware, Inc.) [Auto | Running] – E:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe – (VMAuthdService)
SRV - [2015-08-11 18:27:04 | 000,906,944 | ---- | M] (VMware, Inc.) [Auto | Running] – C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe – (VMUSBArbService)
SRV - [2015-08-11 13:42:38 | 000,083,312 | ---- | M] (X-Rite Inc.) [Auto | Running] – C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe – (xrdd.exe)
SRV - [2015-07-22 14:33:12 | 000,680,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe – (AdobeUpdateService)
SRV - [2015-07-09 12:15:34 | 000,253,528 | ---- | M] () [Auto | Running] – C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE – (IJPLMSVC)
SRV - [2015-07-02 21:21:26 | 000,356,808 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] – C:\Programmer\Common Files\Logishrd\Bluetooth\LBTServ.exe – (LBTServ)
SRV - [2015-06-29 16:46:48 | 003,134,400 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] – e:\Program Files\Raxco\PDAgent.exe – (PDAgent)
SRV - [2015-06-29 16:46:46 | 003,476,416 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] – C:\Programmer\Common Files\Raxco\Shared\PDEngine.exe – (PDEngine)
SRV - [2014-09-15 16:04:00 | 000,181,512 | ---- | M] (CYREN Inc.) [On_Demand | Stopped] – C:\Programmer\Common Files\Commtouch\AntiVirus5\vseqrts.exe – (vseqrts)
SRV - [2014-09-15 16:03:58 | 000,119,560 | ---- | M] (CYREN Inc.) [On_Demand | Stopped] – C:\Programmer\Common Files\Commtouch\AntiVirus5\vsedsps.exe – (vsedsps)
SRV - [2014-09-15 16:03:54 | 000,122,120 | ---- | M] (CYREN Inc.) [On_Demand | Stopped] – C:\Programmer\Common Files\Commtouch\AntiVirus5\vseamps.exe – (vseamps)
SRV - [2014-06-18 09:46:18 | 000,673,856 | ---- | M] (Genie9) [On_Demand | Stopped] – C:\Programmer\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe – (GenieTimelineService)
SRV - [2014-01-23 15:04:54 | 000,178,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Programmer\Common Files\microsoft shared\Source Engine\OSE.EXE – (ose64)
SRV - [2013-08-22 03:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – E:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe – (Te.Service)
SRV - [2013-03-26 17:23:52 | 007,084,672 | ---- | M] (Acronis) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe – (syncagentsrv)
SRV - [2013-02-15 12:01:52 | 001,143,720 | ---- | M] (Acronis) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe – (AcrSch2Svc)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe – (SwitchBoard)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2017-01-22 08:41:10 | 000,250,816 | ---- | M] (Malwarebytes) [File_System | Boot | Running] – C:\Windows\SysNative\drivers\MBAMSwissArmy.sys – (MBAMSwissArmy)
DRV:64bit: - [2017-01-19 08:49:38 | 000,054,736 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hitmanpro37.sys – (hitmanpro37)
DRV:64bit: - [2017-01-19 07:13:38 | 000,520,032 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] – C:\Windows\SysNative\drivers\trufos.sys – (Trufos)
DRV:64bit: - [2017-01-18 07:48:20 | 000,946,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\rt640x64.sys – (rt640x64)
DRV:64bit: - [2017-01-17 17:12:35 | 000,309,280 | ---- | M] (Bitdefender) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\ignis.sys – (ignis)
DRV:64bit: - [2017-01-10 07:57:56 | 000,091,584 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\mwac.sys – (MBAMWebProtection)
DRV:64bit: - [2017-01-10 06:56:42 | 000,102,856 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\farflt.sys – (MBAMFarflt)
DRV:64bit: - [2016-12-27 18:12:10 | 000,719,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\WdiWiFi.sys – (wdiwifi)
DRV:64bit: - [2016-12-27 18:12:10 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\pdc.sys – (pdc)
DRV:64bit: - [2016-12-27 18:12:01 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\clfs.sys – (CLFS)
DRV:64bit: - [2016-12-27 18:12:01 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\ahcache.sys – (ahcache)
DRV:64bit: - [2016-12-27 18:11:59 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] – C:\Windows\SysNative\drivers\dam.sys – (dam)
DRV:64bit: - [2016-12-27 18:11:57 | 000,127,328 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\AppVStrm.sys – (AppvStrm)
DRV:64bit: - [2016-12-27 18:11:54 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\wcifs.sys – (wcifs)
DRV:64bit: - [2016-12-27 18:11:54 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hvservice.sys – (hvservice)
DRV:64bit: - [2016-12-27 18:11:50 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\spaceport.sys – (spaceport)
DRV:64bit: - [2016-12-27 18:11:50 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\sdbus.sys – (sdbus)
DRV:64bit: - [2016-12-27 18:11:50 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\xboxgip.sys – (xboxgip)
DRV:64bit: - [2016-12-27 18:11:50 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\tpm.sys – (TPM)
DRV:64bit: - [2016-12-27 18:11:50 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\storahci.sys – (storahci)
DRV:64bit: - [2016-12-27 18:11:50 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\capimg.sys – (CapImg)
DRV:64bit: - [2016-12-27 18:11:50 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\EhStorTcgDrv.sys – (EhStorTcgDrv)
DRV:64bit: - [2016-12-27 18:11:50 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\stornvme.sys – (stornvme)
DRV:64bit: - [2016-12-27 18:11:50 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\vpci.sys – (vpci)
DRV:64bit: - [2016-12-27 18:11:50 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\MegaSas2i.sys – (megasas2i)
DRV:64bit: - [2016-12-27 18:11:50 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\iorate.sys – (iorate)
DRV:64bit: - [2016-12-27 18:11:50 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\xinputhid.sys – (xinputhid)
DRV:64bit: - [2016-12-27 18:01:58 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] – C:\WINDOWS\SysNative\drivers\wof.sys – (Wof)
DRV:64bit: - [2016-12-27 09:39:05 | 000,176,064 | ---- | M] (Malwarebytes) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\MBAMChameleon.sys – (MBAMChameleon)
DRV:64bit: - [2016-12-14 12:55:14 | 000,077,416 | ---- | M] () [Kernel | System | Running] – C:\Windows\SysNative\drivers\mbae64.sys – (ESProtectionDriver)
DRV:64bit: - [2016-12-01 17:17:54 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\nvvad64v.sys – (nvvad_WaveExtensible)
DRV:64bit: - [2016-10-29 08:54:37 | 000,182,944 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] – C:\Windows\SysNative\drivers\gzflt.sys – (gzflt)
DRV:64bit: - [2016-09-20 04:17:02 | 001,605,376 | ---- | M] (BitDefender) [File_System | Boot | Running] – C:\Windows\SysNative\drivers\avc3.sys – (avc3)
DRV:64bit: - [2016-09-20 04:16:58 | 000,878,072 | ---- | M] (BitDefender) [File_System | On_Demand | Running] – C:\Windows\SysNative\drivers\avckf.sys – (avckf)
DRV:64bit: - [2016-07-17 01:14:30 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\terminpt.sys – (terminpt)
DRV:64bit: - [2016-07-17 01:14:23 | 000,179,040 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\mssecflt.sys – (MsSecFlt)
DRV:64bit: - [2016-07-17 01:14:19 | 000,040,288 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] – C:\Windows\SysNative\drivers\UevAgentDriver.sys – (UevAgentDriver)
DRV:64bit: - [2016-07-17 01:14:14 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\rdpvideominiport.sys – (RdpVideoMiniport)
DRV:64bit: - [2016-07-17 01:14:12 | 000,123,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\tsusbhub.sys – (tsusbhub)
DRV:64bit: - [2016-07-17 01:14:10 | 000,157,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\AppvVemgr.sys – (AppvVemgr)
DRV:64bit: - [2016-07-17 01:14:10 | 000,141,152 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\AppvVfs.sys – (AppvVfs)
DRV:64bit: - [2016-07-16 12:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\WpdUpFltr.sys – (WpdUpFltr)
DRV:64bit: - [2016-07-16 12:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\WdNisDrv.sys – (WdNisDrv)
DRV:64bit: - [2016-07-16 12:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\WdFilter.sys – (WdFilter)
DRV:64bit: - [2016-07-16 12:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\WdBoot.sys – (WdBoot)
DRV:64bit: - [2016-07-16 12:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\Ndu.sys – (Ndu)
DRV:64bit: - [2016-07-16 12:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\NdisImPlatform.sys – (NdisImPlatform)
DRV:64bit: - [2016-07-16 12:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\mslldp.sys – (MsLldp)
DRV:64bit: - [2016-07-16 12:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\applockerfltr.sys – (applockerfltr)
DRV:64bit: - [2016-07-16 12:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\WINDOWS\SysNative\drivers\refsv1.sys – (ReFSv1)
DRV:64bit: - [2016-07-16 12:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\WindowsTrustedRT.sys – (WindowsTrustedRT)
DRV:64bit: - [2016-07-16 12:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\gpuenergydrv.sys – (GpuEnergyDrv)
DRV:64bit: - [2016-07-16 12:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ufx01000.sys – (Ufx01000)
DRV:64bit: - [2016-07-16 12:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\VerifierExt.sys – (VerifierExt)
DRV:64bit: - [2016-07-16 12:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\SerCx2.sys – (SerCx2)
DRV:64bit: - [2016-07-16 12:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\UcmTcpciCx.sys – (UcmTcpciCx0101)
DRV:64bit: - [2016-07-16 12:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\UcmCx.sys – (UcmCx0101)
DRV:64bit: - [2016-07-16 12:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\SpbCx.sys – (SpbCx)
DRV:64bit: - [2016-07-16 12:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\storqosflt.sys – (storqosflt)
DRV:64bit: - [2016-07-16 12:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\SerCx.sys – (SerCx)
DRV:64bit: - [2016-07-16 12:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\urscx01000.sys – (UrsCx01000)
DRV:64bit: - [2016-07-16 12:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\condrv.sys – (condrv)
DRV:64bit: - [2016-07-16 12:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\IndirectKmd.sys – (IndirectKmd)
DRV:64bit: - [2016-07-16 12:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\WINDOWS\SysNative\drivers\fs_rec.sys – (Fs_Rec)
DRV:64bit: - [2016-07-16 12:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\mshidumdf.sys – (mshidumdf)
DRV:64bit: - [2016-07-16 12:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] – C:\Windows\SysNative\drivers\cnghwassist.sys – (cnghwassist)
DRV:64bit: - [2016-07-16 12:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\mmcss.sys – (MMCSS)
DRV:64bit: - [2016-07-16 12:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\EhStorClass.sys – (EhStorClass)
DRV:64bit: - [2016-07-16 12:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\irda.sys – (irda)
DRV:64bit: - [2016-07-16 12:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\NdisVirtualBus.sys – (NdisVirtualBus)
DRV:64bit: - [2016-07-16 12:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\msgpioclx.sys – (GPIOClx0101)
DRV:64bit: - [2016-07-16 12:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\wfplwfs.sys – (WFPLWFS)
DRV:64bit: - [2016-07-16 12:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\registry.sys – (clreg)
DRV:64bit: - [2016-07-16 12:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\wcnfs.sys – (wcnfs)
DRV:64bit: - [2016-07-16 12:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Ucx01000.sys – (Ucx01000)
DRV:64bit: - [2016-07-16 12:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\acpiex.sys – (acpiex)
DRV:64bit: - [2016-07-16 12:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\NetAdapterCx.sys – (NetAdapterCx)
DRV:64bit: - [2016-07-16 12:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] – C:\Windows\SysNative\drivers\filecrypt.sys – (FileCrypt)
DRV:64bit: - [2016-07-16 12:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbFlt.sys – (tsusbflt)
DRV:64bit: - [2016-07-16 12:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\Udecx.sys – (UdeCx)
DRV:64bit: - [2016-07-16 12:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\vhf.sys – (vhf)
DRV:64bit: - [2016-07-16 12:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\USBHUB3.SYS – (USBHUB3)
DRV:64bit: - [2016-07-16 12:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\USBXHCI.SYS – (USBXHCI)
DRV:64bit: - [2016-07-16 12:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ufxsynopsys.sys – (ufxsynopsys)
DRV:64bit: - [2016-07-16 12:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\UfxChipidea.sys – (UfxChipidea)
DRV:64bit: - [2016-07-16 12:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\sdstor.sys – (sdstor)
DRV:64bit: - [2016-07-16 12:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\UcmUcsi.sys – (UcmUcsi)
DRV:64bit: - [2016-07-16 12:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\urschipidea.sys – (UrsChipidea)
DRV:64bit: - [2016-07-16 12:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\urssynopsys.sys – (UrsSynopsys)
DRV:64bit: - [2016-07-16 12:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\genericusbfn.sys – (genericusbfn)
DRV:64bit: - [2016-07-16 12:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys – (WindowsTrustedRTProxy)
DRV:64bit: - [2016-07-16 12:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys – (iaLPSS2i_I2C)
DRV:64bit: - [2016-07-16 12:41:54 | 000,081,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\iai2c.sys – (iai2c)
DRV:64bit: - [2016-07-16 12:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys – (iaLPSS2i_GPIO2)
DRV:64bit: - [2016-07-16 12:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hidi2c.sys – (hidi2c)
DRV:64bit: - [2016-07-16 12:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\msgpiowin32.sys – (msgpiowin32)
DRV:64bit: - [2016-07-16 12:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hidinterrupt.sys – (hidinterrupt)
DRV:64bit: - [2016-07-16 12:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\buttonconverter.sys – (buttonconverter)
DRV:64bit: - [2016-07-16 12:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbGD.sys – (TsUsbGD)
DRV:64bit: - [2016-07-16 12:41:54 | 000,033,280 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\iagpio.sys – (iagpio)
DRV:64bit: - [2016-07-16 12:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\npsvctrig.sys – (npsvctrig)
DRV:64bit: - [2016-07-16 12:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\kdnic.sys – (kdnic)
DRV:64bit: - [2016-07-16 12:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\cht4vx64.sys – (cht4vbd)
DRV:64bit: - [2016-07-16 12:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\adp80xx.sys – (ADP80XX)
DRV:64bit: - [2016-07-16 12:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\mlx4_bus.sys – (mlx4_bus)
DRV:64bit: - [2016-07-16 12:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\iaStorAV.sys – (iaStorAV)
DRV:64bit: - [2016-07-16 12:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ibbus.sys – (ibbus)
DRV:64bit: - [2016-07-16 12:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\cht4sx64.sys – (cht4iscsi)
DRV:64bit: - [2016-07-16 12:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\VSTXRAID.SYS – (VSTXRAID)
DRV:64bit: - [2016-07-16 12:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\amdsbs.sys – (amdsbs)
DRV:64bit: - [2016-07-16 12:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\scmdisk0101.sys – (scmdisk0101)
DRV:64bit: - [2016-07-16 12:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ndfltr.sys – (ndfltr)
DRV:64bit: - [2016-07-16 12:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\3ware.sys – (3ware)
DRV:64bit: - [2016-07-16 12:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\lsi_sas2i.sys – (LSI_SAS2i)
DRV:64bit: - [2016-07-16 12:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\lsi_sas3i.sys – (LSI_SAS3i)
DRV:64bit: - [2016-07-16 12:41:53 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\scmbus.sys – (scmbus)
DRV:64bit: - [2016-07-16 12:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\amdsata.sys – (amdsata)
DRV:64bit: - [2016-07-16 12:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\lsi_sss.sys – (LSI_SSS)
DRV:64bit: - [2016-07-16 12:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\uaspstor.sys – (UASPStor)
DRV:64bit: - [2016-07-16 12:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\usbser.sys – (usbser)
DRV:64bit: - [2016-07-16 12:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\winverbs.sys – (WinVerbs)
DRV:64bit: - [2016-07-16 12:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\HpSAMD.sys – (HpSAMD)
DRV:64bit: - [2016-07-16 12:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\mvumis.sys – (mvumis)
DRV:64bit: - [2016-07-16 12:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\percsas3i.sys – (percsas3i)
DRV:64bit: - [2016-07-16 12:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\percsas2i.sys – (percsas2i)
DRV:64bit: - [2016-07-16 12:41:53 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\BasicDisplay.sys – (BasicDisplay)
DRV:64bit: - [2016-07-16 12:41:53 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\BasicRender.sys – (BasicRender)
DRV:64bit: - [2016-07-16 12:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\storufs.sys – (storufs)
DRV:64bit: - [2016-07-16 12:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\winmad.sys – (WinMad)
DRV:64bit: - [2016-07-16 12:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\stexstor.sys – (stexstor)
DRV:64bit: - [2016-07-16 12:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\uefi.sys – (UEFI)
DRV:64bit: - [2016-07-16 12:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\amdxata.sys – (amdxata)
DRV:64bit: - [2016-07-16 12:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\AcpiDev.sys – (AcpiDev)
DRV:64bit: - [2016-07-16 12:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\volume.sys – (volume)
DRV:64bit: - [2016-07-16 12:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\acpitime.sys – (acpitime)
DRV:64bit: - [2016-07-16 12:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\acpipagr.sys – (acpipagr)
DRV:64bit: - [2016-07-16 12:41:53 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bcmfn2.sys – (bcmfn2)
DRV:64bit: - [2016-07-16 12:41:53 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bcmfn.sys – (bcmfn)
DRV:64bit: - [2016-07-16 12:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\evbda.sys – (ebdrv)
DRV:64bit: - [2016-07-16 12:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\bxvbda.sys – (b06bdrv)
DRV:64bit: - [2016-07-16 12:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\intelpep.sys – (intelpep)
DRV:64bit: - [2016-07-16 12:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys – (iaLPSSi_GPIO)
DRV:64bit: - [2016-07-16 12:41:52 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\WSDPrint.sys – (WSDPrintDevice)
DRV:64bit: - [2016-07-16 12:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys – (iaLPSSi_I2C)
DRV:64bit: - [2016-07-16 12:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bthhfenum.sys – (BthHFEnum)
DRV:64bit: - [2016-07-16 12:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\Synth3dVsc.sys – (Synth3dVsc)
DRV:64bit: - [2016-07-16 12:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\BthAvrcpTg.sys – (BthAvrcpTg)
DRV:64bit: - [2016-07-16 12:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys – (CompositeBus)
DRV:64bit: - [2016-07-16 12:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\dmvsc.sys – (dmvsc)
DRV:64bit: - [2016-07-16 12:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\BthhfHid.sys – (bthhfhid)
DRV:64bit: - [2016-07-16 12:41:50 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\WSDScan.sys – (WSDScan)
DRV:64bit: - [2016-07-16 12:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hyperkbd.sys – (hyperkbd)
DRV:64bit: - [2016-07-16 12:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\vmgencounter.sys – (gencounter)
DRV:64bit: - [2016-07-16 12:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\vmgid.sys – (vmgid)
DRV:64bit: - [2016-06-24 17:44:05 | 000,038,768 | ---- | M] (GN Netcom A/S) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\JabraMobileCsrDfuX64.sys – (JabraDFU)
DRV:64bit: - [2016-06-20 10:13:06 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\npf.sys – (NPF)
DRV:64bit: - [2016-03-14 22:04:45 | 000,023,672 | ---- | M] (Bitdefender) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\bdelam.sys – (bdelam)
DRV:64bit: - [2016-02-29 10:49:54 | 000,133,168 | R— | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\acsock64.sys – (acsock)
DRV:64bit: - [2015-12-04 19:27:06 | 000,087,912 | ---- | M] (BitDefender) [Kernel | System | Running] – C:\Windows\SysNative\drivers\bdvedisk.sys – (BDVEDISK)
DRV:64bit: - [2015-11-24 07:29:26 | 000,103,616 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\wachidrouter.sys – (WacHidRouter)
DRV:64bit: - [2015-11-24 07:29:26 | 000,015,040 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\wacomrouterfilter.sys – (wacomrouterfilter)
DRV:64bit: - [2015-11-24 07:29:25 | 000,014,016 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\hidkmdf.sys – (hidkmdf)
DRV:64bit: - [2015-08-16 16:28:46 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\afcdp.sys – (afcdp)
DRV:64bit: - [2015-08-16 16:28:44 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\tib.sys – (tib)
DRV:64bit: - [2015-08-16 16:28:44 | 000,183,224 | ---- | M] (Acronis) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\tib_mounter.sys – (tib_mounter)
DRV:64bit: - [2015-08-16 16:28:43 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\tdrpman.sys – (tdrpman)
DRV:64bit: - [2015-08-16 16:28:42 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\snapman.sys – (snapman)
DRV:64bit: - [2015-08-16 16:28:42 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\fltsrv.sys – (fltsrv)
DRV:64bit: - [2015-08-14 13:03:24 | 000,033,472 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\VMkbd.sys – (vmkbd)
DRV:64bit: - [2015-08-14 13:03:06 | 000,066,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\vmx86.sys – (vmx86)
DRV:64bit: - [2015-08-14 12:43:18 | 000,026,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\vmnetuserif.sys – (VMnetuserif)
DRV:64bit: - [2015-08-14 12:43:08 | 000,048,832 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\vmnetbridge.sys – (VMnetBridge)
DRV:64bit: - [2015-08-14 12:43:08 | 000,028,864 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\vmnetadapter.sys – (VMnetAdapter)
DRV:64bit: - [2015-08-11 18:27:10 | 000,057,536 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\hcmon.sys – (hcmon)
DRV:64bit: - [2015-08-04 00:10:20 | 000,075,512 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\vsock.sys – (vsock)
DRV:64bit: - [2015-08-04 00:10:18 | 000,090,816 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\vmci.sys – (vmci)
DRV:64bit: - [2015-06-18 03:25:00 | 000,087,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\LEqdUsb.sys – (LEqdUsb)
DRV:64bit: - [2015-06-18 03:25:00 | 000,086,672 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\LHidFilt.Sys – (LHidFilt)
DRV:64bit: - [2015-06-18 03:25:00 | 000,069,264 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\LMouFilt.Sys – (LMouFilt)
DRV:64bit: - [2015-06-18 03:25:00 | 000,023,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\LHidEqd.sys – (LHidEqd)
DRV:64bit: - [2015-06-10 22:08:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\usbaapl64.sys – (USBAAPL64)
DRV:64bit: - [2015-06-09 12:24:20 | 000,120,960 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] – C:\WINDOWS\SysNative\drivers\DefragFS.sys – (DefragFS)
DRV:64bit: - [2015-06-04 00:04:48 | 000,042,088 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\taphss6.sys – (taphss6)
DRV:64bit: - [2015-02-19 22:17:46 | 000,052,592 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\vpnva64-6.sys – (vpnva)
DRV:64bit: - [2015-01-16 16:22:32 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\netaapl64.sys – (Netaapl)
DRV:64bit: - [2014-11-27 09:04:52 | 000,331,608 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\hardlock.sys – (hardlock)
DRV:64bit: - [2014-11-27 09:04:52 | 000,162,136 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\aksfridge.sys – (aksfridge)
DRV:64bit: - [2014-11-27 09:04:52 | 000,091,784 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\aksdf.sys – (aksdf)
DRV:64bit: - [2014-09-15 16:07:28 | 000,175,368 | ---- | M] (CYREN Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\amp.sys – (AMP)
DRV:64bit: - [2014-09-15 16:07:26 | 001,767,176 | ---- | M] (CYREN Inc.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\ampse.sys – (AMPSE)
DRV:64bit: - [2013-10-07 09:01:57 | 000,024,744 | ---- | M] (Audials AG) [Kernel | System | Stopped] – C:\Windows\SysNative\drivers\RrNetCapFilterDriver.sys – (RrNetCapFilterDriver)
DRV:64bit: - [2013-08-22 09:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\tap0901.sys – (tap0901)
DRV:64bit: - [2012-11-09 08:52:48 | 000,020,832 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\DDCDrv.sys – (WinI2C-DDC)
DRV:64bit: - [2012-08-23 16:57:16 | 000,083,224 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\PDFsFilter.sys – (PDFSFilter)
DRV:64bit: - [2012-06-22 02:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\PxHlpa64.sys – (PxHlpa64)
DRV:64bit: - [2005-12-14 00:53:42 | 000,007,808 | ---- | M] (GretagMacbeth LLC) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\i1display_x64.sys – (EyeOneDisplay)
DRV - [2017-01-07 08:55:07 | 000,027,320 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] – C:\Users\Keld\AppData\Local\Temp\cpuz138\cpuz138_x64.sys – (cpuz138)
DRV - [2016-12-16 13:29:40 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] – C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys – (RegFilter)
DRV - [2016-12-16 13:29:40 | 000,022,208 | ---- | M] (IObit) [File_System | On_Demand | Running] – C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys – (IMFFilter)
DRV - [2016-07-16 12:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys – (CompositeBus)
DRV - [2016-06-24 08:42:40 | 000,128,400 | ---- | M] (BitDefender LLC) [Kernel | System | Running] – C:\Programmer\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys – (bdfwfpf)
DRV - [2016-06-14 21:03:08 | 000,026,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\Programmer\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys – (NvStreamKms)
DRV - [2015-08-26 01:18:08 | 000,010,240 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Running] – C:\Windows\SysWOW64\drivers\DDCDrv.sys – (WinI2C-DDC)
DRV - [2015-08-21 16:34:21 | 000,026,528 | ---- | M] (REALiX™) [Kernel | System | Running] – C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS – (HWiNFO32)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM…\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM…\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da,en-US;q=0.7,en;q=0.3
IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE D6 11 48 FC D7 D0 01 [binary data]
IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 3C 9A 94 C4 CD 7E D1 01 [binary data]
IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 0F 00 00 00 F5 F0 EB 2B 85 BD 2D 8E 63 B5 E0 1D 1F 63 8D 02 00 00 00 0E 00 00 00 6C 37 36 44 32 43 42 52 49 78 51 25 33 64 [binary data]
IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-3497446519-956756083-173039897-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = <-loopback>

========== FireFox ==========

FF - prefs.js…browser.search.countryCode: “DK”
FF - prefs.js…browser.search.region: “DK”
FF - prefs.js…extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0

FF:64bit: - HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: E:\Program Files\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll ()
FF - HKLM\Software\MozillaPlugins@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins@java.com/DTPlugin,version=11.111.2: C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins@java.com/JavaPlugin,version=11.111.2: C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins@verimatrix.com/ViewRightWeb: C:\Program Files (x86)\Verimatrix\ViewRight Web\npViewRight.dll ()
FF - HKLM\Software\MozillaPlugins@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: E:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: E:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins@citrixonline.com/appdetectorplugin: C:\Users\Keld\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins@verimatrix.com/ViewRightWeb: C:\Program Files (x86)\Verimatrix\ViewRight Web\npViewRight.dll ()

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\bdwteffv19@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2015\ANTISPAM32\BDWTEFF
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\bdwteffv20@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2017\ANTISPAM32\BDWTEFF\ [2017-01-17 17:35:35 | 000,000,000 | —D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2017\BDTBEXT [2016-12-13 13:42:20 | 000,000,000 | —D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\bdwteffv19@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-08-26 06:20:28 | 000,000,000 | —D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\web2pdfextension.15@web2pdf.adobedotcom: E:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-11-28 16:28:06 | 000,000,000 | —D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\bdwteffv20@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\ [2017-01-17 17:35:35 | 000,000,000 | —D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016-11-28 16:28:38 | 000,000,000 | —D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2016-12-13 13:42:20 | 000,000,000 | —D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 50.1.0\extensions\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016-11-28 16:28:38 | 000,000,000 | —D | M]

[2015-08-31 10:24:28 | 000,000,000 | —D | M] (No name found) – C:\Users\Keld\AppData\Roaming\mozilla\Extensions
[2015-08-31 10:24:28 | 000,000,000 | —D | M] (No name found) – C:\Users\Keld\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2016-11-06 12:29:29 | 000,000,000 | —D | M] (No name found) – C:\Users\Keld\AppData\Roaming\mozilla\Firefox\Profiles\pm774lp8.default\extensions
[2016-12-25 16:37:05 | 000,000,000 | —D | M] (No name found) – C:\Program Files (x86)\mozilla firefox\browser\extensions
[2016-07-19 18:49:40 | 000,043,424 | ---- | M] (Microsoft Corporation) – C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk\4.6.2.90_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.65.62_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.4_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn\0.9.5.0_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme\5.9.2_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl\21.1.7_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.8.4_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\7.1.2.3_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0
CHR - Extension: No name found = C:\Users\Keld\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\

O1 HOSTS File: ([2017-01-22 10:41:18 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (1Password) - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\PROGRA~2\1PASSW~1\x64\Agile1pIE4.dll (AgileBits)
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Bitdefender Wallet ) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Programmer\Bitdefender\Bitdefender 2017\pmbxie.dll (Bitdefender)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programmer\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programmer\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2:64bit: - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programmer\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (1Password) - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\PROGRA~2\1PASSW~1\x86\Agile1pIE4.dll (AgileBits)
O2 - BHO: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Programmer\Bitdefender\Bitdefender 2017\antispam32\pmbxie.dll (Bitdefender)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM…\Toolbar: (Bitdefender Wallet ) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Programmer\Bitdefender\Bitdefender 2017\pmbxie.dll (Bitdefender)
O3:64bit: - HKLM…\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM…\Toolbar: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Programmer\Bitdefender\Bitdefender 2017\antispam32\pmbxie.dll (Bitdefender)
O3 - HKLM…\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Toolbar\WebBrowser: (Bitdefender Wallet ) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Programmer\Bitdefender\Bitdefender 2017\pmbxie.dll (Bitdefender)
O3 - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Toolbar\WebBrowser: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Programmer\Bitdefender\Bitdefender 2017\antispam32\pmbxie.dll (Bitdefender)
O3:64bit: - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM…\Run: [ACPW09EN] E:\Program Files\ACD Systems\ACDSee Pro\9.0\acdIDInTouch2.exe (ACD Systems)
O4:64bit: - HKLM…\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM…\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM…\Run: [Fences] E:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
O4:64bit: - HKLM…\Run: [Malwarebytes TrayApp] C:\Programmer\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4:64bit: - HKLM…\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM…\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM…\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM…\Run: [] File not found
O4 - HKLM…\Run: [Acrobat Assistant 8.0] E:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM…\Run: [Agile1pAgent] C:\Program Files (x86)\1Password 4\Agile1pAgent.exe (AgileBits)
O4 - HKLM…\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM…\Run: [HeimdalAgentLoader] C:\Program Files (x86)\Heimdal\Heimdal.AgentLoader.exe (Heimdal Security)
O4 - HKLM…\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM…\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM…\Run: [Syncios device service] C:\Program Files (x86)\Syncios\SynciosDeviceService.exe ()
O4 - HKLM…\Run: [vmware-tray.exe] E:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKU.DEFAULT…\Run: [KSS] “C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe” autorun File not found
O4 - HKU\S-1-5-18…\Run: [KSS] “C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe” autorun File not found
O4 - HKU\S-1-5-19…\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20…\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Run: [ACDSeeCommanderPro9] E:\Program Files\ACD Systems\ACDSee Pro\9.0\ACDSeeCommanderPro9.exe ()
O4 - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Run: [Advanced SystemCare 10] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Run: [FBackup 6 Tray Agent] E:\Program Files (x86)\Softland\FBackup 6\bTray.exe (Softland)
O4 - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Run: [Fences] E:\Program Files (x86)\Stardock\Fences\Fences.exe (Stardock Corporation)
O4 - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Run: [gSyncit] C:\Programmer\Fieldston Software\gSyncit\gsyncit.exe (Fieldston Software)
O4 - HKU\S-1-5-21-3497446519-956756083-173039897-1000…\Run: [Jotta] C:\Program Files\Jotta\jotta.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-3497446519-956756083-173039897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKU\S-1-5-21-3497446519-956756083-173039897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-3497446519-956756083-173039897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NolowDiskSpaceChecks = 1
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmer\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra ‘Tools’ menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmer\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programmer\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra ‘Tools’ menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programmer\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~2\1PASSW~1\x64\Agile1pIE4.dll (AgileBits)
O9:64bit: - Extra ‘Tools’ menuitem : 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~2\1PASSW~1\x64\Agile1pIE4.dll (AgileBits)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmer\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra ‘Tools’ menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmer\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~2\1PASSW~1\x86\Agile1pIE4.dll (AgileBits)
O9 - Extra ‘Tools’ menuitem : 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\PROGRA~2\1PASSW~1\x86\Agile1pIE4.dll (AgileBits)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmer\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{da330465-082d-46ae-aeb0-6b2e0fc2fb14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces{da330465-082d-46ae-aeb0-6b2e0fc2fb14}: NameServer = 127.0.0.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmer\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programmer\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - E:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O30:64bit: - LSA: Security Packages - (livessp) - File not found
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2017-01-18 07:40:58 | 000,000,000 | ---- | M] () - C:\autoexec.bat – [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk )
O35:64bit: - HKLM…comfile [open] – “%1” %

O35:64bit: - HKLM…exefile [open] – “%1” %*
O35 - HKLM…comfile [open] – “%1” %*
O35 - HKLM…exefile [open] – “%1” %*
O37:64bit: - HKLM…com [@ = comfile] – “%1” %*
O37:64bit: - HKLM…exe [@ = exefile] – “%1” %*
O37 - HKLM…com [@ = comfile] – “%1” %*
O37 - HKLM…exe [@ = exefile] – “%1” %*
O38 - SubSystems\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2017-01-22 08:26:34 | 000,000,000 | -HSD | C] – C:\Config.Msi
[2017-01-21 18:54:43 | 000,000,000 | —D | C] – C:\ProgramData\Kaspersky Lab Setup Files
[2017-01-21 18:03:20 | 000,000,000 | —D | C] – C:\ProgramData\Trend Micro
[2017-01-21 18:03:17 | 000,000,000 | —D | C] – C:\WINDOWS\Trend Micro
[2017-01-21 18:01:03 | 000,332,512 | ---- | C] (Trend Micro Inc.) – C:\WINDOWS\SysNative\drivers\tmcomm.sys
[2017-01-21 11:55:57 | 000,000,000 | —D | C] – C:\Program Files (x86)\Common Files\Symantec Shared
[2017-01-21 11:53:52 | 000,000,000 | —D | C] – C:\WINDOWS\SysNative\drivers\NSSx64
[2017-01-21 11:53:52 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2017-01-21 11:53:52 | 000,000,000 | —D | C] – C:\Program Files (x86)\Norton Security Scan
[2017-01-21 11:53:52 | 000,000,000 | —D | C] – C:\WINDOWS\SysNative\drivers\NSSx64\0406010.050
[2017-01-21 11:53:46 | 000,000,000 | —D | C] – C:\ProgramData\NortonInstaller
[2017-01-21 11:53:46 | 000,000,000 | —D | C] – C:\Program Files (x86)\NortonInstaller
[2017-01-21 08:03:25 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Local\ESET
[2017-01-20 21:55:45 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Local\FSDART
[2017-01-20 21:55:41 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Local\F-Secure
[2017-01-20 21:55:41 | 000,000,000 | —D | C] – C:\ProgramData\F-Secure
[2017-01-19 08:29:52 | 000,000,000 | —D | C] – C:\ProgramData\HitmanPro
[2017-01-19 07:13:37 | 000,520,032 | ---- | C] (BitDefender S.R.L.) – C:\WINDOWS\SysNative\drivers\trufos.sys
[2017-01-18 21:49:46 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2017-01-18 21:09:54 | 000,000,000 | —D | C] – C:\ProgramData{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
[2017-01-18 18:42:25 | 000,000,000 | —D | C] – C:\ProgramData\RogueKiller
[2017-01-18 07:48:20 | 000,946,696 | ---- | C] (Realtek ) – C:\WINDOWS\SysNative\drivers\rt640x64.sys
[2017-01-18 07:40:15 | 000,000,000 | —D | C] – C:\Users\Keld\Start Menu
[2017-01-17 17:12:35 | 000,309,280 | ---- | C] (Bitdefender) – C:\WINDOWS\SysNative\drivers\ignis.sys
[2017-01-12 16:25:10 | 000,000,000 | —D | C] – C:\Users\Keld\Desktop\2017
[2017-01-12 15:29:55 | 000,000,000 | —D | C] – C:\WINDOWS\PCHEALTH
[2017-01-11 21:33:35 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2017-01-10 07:11:03 | 000,000,000 | —D | C] – C:\Program Files (x86)\Common Files\Java
[2017-01-09 21:50:06 | 000,000,000 | —D | C] – C:\ProgramData\Bitdefender Device Management
[2017-01-09 21:48:45 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
[2017-01-09 21:48:32 | 000,023,672 | ---- | C] (Bitdefender) – C:\WINDOWS\SysNative\drivers\bdelam.sys
[2017-01-09 21:48:25 | 001,605,376 | ---- | C] (BitDefender) – C:\WINDOWS\SysNative\drivers\avc3.sys
[2017-01-09 21:48:25 | 000,878,072 | ---- | C] (BitDefender) – C:\WINDOWS\SysNative\drivers\avckf.sys
[2017-01-09 21:48:25 | 000,087,912 | ---- | C] (BitDefender) – C:\WINDOWS\SysNative\drivers\bdvedisk.sys
[2017-01-09 21:48:18 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Roaming\Bitdefender
[2017-01-09 21:46:29 | 000,182,944 | ---- | C] (BitDefender LLC) – C:\WINDOWS\SysNative\drivers\gzflt.sys
[2017-01-09 21:45:40 | 000,000,000 | —D | C] – C:\Program Files\Common Files\Bitdefender
[2017-01-09 21:17:51 | 000,000,000 | —D | C] – C:\ProgramData\Bitdefender
[2017-01-09 21:12:32 | 000,000,000 | —D | C] – C:\ProgramData\Bitdefender Agent
[2017-01-09 21:12:32 | 000,000,000 | —D | C] – C:\Program Files\Bitdefender Agent
[2017-01-06 01:04:24 | 000,051,504 | ---- | C] (Dropbox, Inc.) – C:\WINDOWS\SysNative\DbxSvc.exe
[2017-01-06 00:48:58 | 000,075,888 | ---- | C] (Dropbox, Inc.) – C:\WINDOWS\SysNative\drivers\dbx-stable.sys
[2017-01-06 00:48:58 | 000,075,888 | ---- | C] (Dropbox, Inc.) – C:\WINDOWS\SysNative\drivers\dbx-dev.sys
[2017-01-06 00:48:58 | 000,075,888 | ---- | C] (Dropbox, Inc.) – C:\WINDOWS\SysNative\drivers\dbx-canary.sys
[2017-01-03 09:45:52 | 000,000,000 | —D | C] – C:\Users\Keld\Documents\openhardwaremonitor-v0.8.0-beta
[2016-12-30 21:28:33 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2016-12-30 21:28:08 | 000,000,000 | —D | C] – C:\Program Files\iPod
[2016-12-30 21:28:07 | 000,000,000 | —D | C] – C:\Program Files\iTunes
[2016-12-29 08:45:28 | 000,000,000 | —D | C] – C:\Users\Keld\Desktop\Adobe CC 32 & 64 bit amtlib files
[2016-12-28 13:33:52 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Local\assembly
[2016-12-27 18:50:33 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft OneDrive
[2016-12-27 18:48:07 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Local\ConnectedDevicesPlatform
[2016-12-27 18:41:36 | 000,000,000 | -HSD | C] – C:\Recovery
[2016-12-27 18:41:36 | 000,000,000 | -HSD | C] – C:\ProgramData\Application Data
[2016-12-27 18:34:32 | 000,000,000 | —D | C] – C:\ProgramData\USOShared
[2016-12-27 18:33:49 | 000,000,000 | —D | C] – C:\Users\Public\Documents\Heimdal Security
[2016-12-27 18:25:52 | 000,000,000 | --SD | C] – C:\Users\Keld\AppData\Roaming\Microsoft
[2016-12-27 18:25:52 | 000,000,000 | R–D | C] – C:\Users\Keld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2016-12-27 18:25:52 | 000,000,000 | R–D | C] – C:\Users\Keld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2016-12-27 18:25:52 | 000,000,000 | R–D | C] – C:\Users\Keld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016-12-27 18:25:52 | 000,000,000 | R–D | C] – C:\Users\Keld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Documents\Videoer
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\AppData\Local\Temporary Internet Files
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Skabeloner
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\SendTo
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Recent
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Printere
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\AppData\Local\Oversigt
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Documents\Musik
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Menuen Start
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Lokale indstillinger
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Dokumenter
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Cookies
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Documents\Billeder
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Application Data
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\AppData\Local\Application Data
[2016-12-27 18:25:52 | 000,000,000 | -HSD | C] – C:\Users\Keld\Andre computere
[2016-12-27 18:25:52 | 000,000,000 | -H-D | C] – C:\Users\Keld\AppData
[2016-12-27 18:25:52 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Local\Temp
[2016-12-27 18:25:52 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Local\Microsoft
[2016-12-27 18:25:52 | 000,000,000 | —D | C] – C:\Users\Keld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016-12-27 18:23:14 | 000,000,000 | —D | C] – C:\ProgramData\NVIDIA
[2016-12-27 18:23:12 | 000,000,000 | -H-D | C] – C:\Program Files (x86)\Uninstall Information
[2016-12-27 18:23:04 | 000,000,000 | —D | C] – C:\ProgramData\NVIDIA Corporation
[2016-12-27 18:22:59 | 000,000,000 | —D | C] – C:\Program Files\NVIDIA Corporation
[2016-12-27 18:22:56 | 000,000,000 | —D | C] – C:\ProgramData\Brother
[2016-12-27 18:22:40 | 000,000,000 | —D | C] – C:\WINDOWS\SysWow64\RTCOM
[2016-12-27 18:22:40 | 000,000,000 | —D | C] – C:\Program Files\Realtek
[2016-12-27 18:21:19 | 000,000,000 | —D | C] – C:\WINDOWS\SysNative\SleepStudy
[2016-12-27 18:21:19 | 000,000,000 | —D | C] – C:\WINDOWS\ServiceProfiles
[2016-12-27 18:21:19 | 000,000,000 | —D | C] – C:\WINDOWS\Prefetch
[2016-12-27 18:20:16 | 000,000,000 | —D | C] – C:\WINDOWS\Panther
[2016-12-27 18:12:06 | 000,141,824 | ---- | C] (Windows ® Win 7 DDK provider) – C:\WINDOWS\SysWow64\DscCoreConfProv.dll
[2016-12-27 18:11:59 | 000,204,288 | ---- | C] (Windows ® Win 7 DDK provider) – C:\WINDOWS\SysNative\DscCoreConfProv.dll
[2016-12-27 18:11:50 | 000,064,352 | ---- | C] (Avago Technologies) – C:\WINDOWS\SysNative\drivers\MegaSas2i.sys
[2016-12-27 18:04:24 | 000,000,000 | —D | C] – C:\WINDOWS\SysNative\Microsoft
[2016-12-27 18:02:26 | 000,000,000 | —D | C] – C:\WINDOWS\SysWow64\XPSViewer
[2016-12-27 18:02:25 | 000,000,000 | —D | C] – C:\Program Files\Reference Assemblies
[2016-12-27 18:02:25 | 000,000,000 | —D | C] – C:\Program Files (x86)\Reference Assemblies
[2016-12-27 18:02:25 | 000,000,000 | —D | C] – C:\Program Files\MSBuild
[2016-12-27 18:02:25 | 000,000,000 | —D | C] – C:\Program Files (x86)\MSBuild
[2016-12-27 09:39:05 | 000,176,064 | ---- | C] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2016-12-27 09:38:34 | 000,102,856 | ---- | C] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\farflt.sys
[2016-12-27 09:38:34 | 000,091,584 | ---- | C] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\mwac.sys
[2016-12-27 09:38:28 | 000,043,968 | ---- | C] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\mbam.sys
[2016-12-27 09:38:14 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2016-12-27 09:38:05 | 000,000,000 | —D | C] – C:\Program Files\Malwarebytes
[1 C:\WINDOWS\SysNative*.tmp files -> C:\WINDOWS\SysNative*.tmp -> ]
[1 C:\Users\Keld\Desktop*.tmp files -> C:\Users\Keld\Desktop*.tmp -> ]
[1 C:\Users\Keld*.tmp files -> C:\Users\Keld*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2017-01-22 10:41:18 | 000,000,855 | ---- | M] () – C:\WINDOWS\SysNative\drivers\etc\hosts
[2017-01-22 08:47:05 | 003,183,150 | ---- | M] () – C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017-01-22 08:47:05 | 001,332,394 | ---- | M] () – C:\WINDOWS\SysNative\perfh006.dat
[2017-01-22 08:47:05 | 001,033,094 | ---- | M] () – C:\WINDOWS\SysNative\perfh009.dat
[2017-01-22 08:47:05 | 000,423,436 | ---- | M] () – C:\WINDOWS\SysNative\perfc009.dat
[2017-01-22 08:47:05 | 000,354,906 | ---- | M] () – C:\WINDOWS\SysNative\perfc006.dat
[2017-01-22 08:42:55 | 000,067,584 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2017-01-22 08:41:10 | 000,250,816 | ---- | M] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017-01-22 08:40:54 | 016,777,216 | -HS- | M] () – C:\swapfile.sys
[2017-01-22 08:13:54 | 000,000,892 | ---- | M] () – C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job
[2017-01-22 08:13:54 | 000,000,830 | ---- | M] () – C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2017-01-21 21:55:23 | 000,028,272 | ---- | M] () – C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017-01-21 18:43:18 | 001,514,138 | ---- | M] () – C:\Users\Keld\AppData\Local\census.cache
[2017-01-21 18:40:45 | 001,339,436 | ---- | M] () – C:\Users\Keld\AppData\Local\ars.cache
[2017-01-21 18:12:16 | 000,000,010 | ---- | M] () – C:\Users\Keld\AppData\Local\sponge.last.runtime.cache
[2017-01-21 18:00:56 | 000,000,036 | ---- | M] () – C:\Users\Keld\AppData\Local\housecall.guid.cache
[2017-01-20 17:07:15 | 000,000,214 | ---- | M] () – C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2017-01-20 12:11:37 | 000,002,245 | ---- | M] () – C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
[2017-01-19 08:49:38 | 000,054,736 | ---- | M] () – C:\WINDOWS\SysNative\drivers\hitmanpro37.sys
[2017-01-19 08:47:30 | 000,009,712 | ---- | M] () – C:\WINDOWS\SysNative.crusader
[2017-01-19 07:13:38 | 000,520,032 | ---- | M] (BitDefender S.R.L.) – C:\WINDOWS\SysNative\drivers\trufos.sys
[2017-01-19 07:07:20 | 000,002,360 | ---- | M] () – C:\Users\Public\Desktop\Driver Booster 4.lnk
[2017-01-18 21:49:46 | 000,001,265 | ---- | M] () – C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2017-01-18 07:48:20 | 000,946,696 | ---- | M] (Realtek ) – C:\WINDOWS\SysNative\drivers\rt640x64.sys
[2017-01-18 07:40:58 | 000,000,000 | ---- | M] () – C:\autoexec.bat
[2017-01-17 17:12:35 | 000,309,280 | ---- | M] (Bitdefender) – C:\WINDOWS\SysNative\drivers\ignis.sys
[2017-01-17 16:45:57 | 000,263,478 | ---- | M] () – C:\Users\Keld\Desktop\PensionsInfo_17-01-2017.pdf
[2017-01-16 07:00:13 | 005,046,712 | ---- | M] () – C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017-01-15 11:51:31 | 000,001,037 | ---- | M] () – C:\Users\Public\Desktop\TeamViewer 12.lnk
[2017-01-13 12:41:42 | 000,230,356 | ---- | M] () – C:\Users\Keld\Documents\IMG_20170113_0003.pdf
[2017-01-13 12:41:03 | 000,212,230 | ---- | M] () – C:\Users\Keld\Documents\IMG_20170113_0002.pdf
[2017-01-13 12:40:07 | 001,337,252 | ---- | M] () – C:\Users\Keld\Documents\IMG_20170113_0001.pdf
[2017-01-12 16:23:04 | 000,438,828 | ---- | M] () – C:\Users\Keld\Documents\IMG_20170112_0001.pdf
[2017-01-12 16:00:18 | 000,001,181 | ---- | M] () – C:\Users\Keld\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2017-01-10 12:44:53 | 000,043,968 | ---- | M] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\mbam.sys
[2017-01-10 07:57:56 | 000,091,584 | ---- | M] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\mwac.sys
[2017-01-10 06:56:42 | 000,102,856 | ---- | M] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\farflt.sys
[2017-01-09 21:52:54 | 000,035,230 | ---- | M] () – C:\ProgramData\dm.1483995152.bdinstall.bin
[2017-01-09 21:50:18 | 000,055,888 | ---- | M] () – C:\ProgramData\dm.1483994994.bdinstall.bin
[2017-01-09 21:49:35 | 000,380,636 | ---- | M] () – C:\ProgramData\cl.1483994767.bdinstall.bin
[2017-01-09 21:48:58 | 000,253,404 | -H-- | M] () – C:\bdr-ld02
[2017-01-09 21:48:58 | 000,009,216 | -H-- | M] () – C:\bdr-ld02.mbr
[2017-01-09 21:48:58 | 000,000,684 | -H-- | M] () – C:\bdr-cf02
[2017-01-09 21:48:47 | 000,002,314 | ---- | M] () – C:\Users\Public\Desktop\Bitdefender 2017.lnk
[2017-01-09 21:42:36 | 000,028,867 | ---- | M] () – C:\ProgramData\agent.1483994541.bdinstall.bin
[2017-01-09 21:33:42 | 000,028,867 | ---- | M] () – C:\ProgramData\agent.1483994011.bdinstall.bin
[2017-01-09 21:32:03 | 000,028,868 | ---- | M] () – C:\ProgramData\agent.1483993912.bdinstall.bin
[2017-01-09 21:28:32 | 000,028,589 | ---- | M] () – C:\ProgramData\agent.1483993704.bdinstall.bin
[2017-01-09 21:27:00 | 000,028,866 | ---- | M] () – C:\ProgramData\agent.1483993611.bdinstall.bin
[2017-01-09 21:23:37 | 000,028,868 | ---- | M] () – C:\ProgramData\agent.1483993404.bdinstall.bin
[2017-01-09 21:17:50 | 000,225,617 | ---- | M] () – C:\ProgramData\1483992930.bdinstall.bin
[2017-01-09 07:38:31 | 000,001,146 | ---- | M] () – C:\Users\Public\Desktop\VLC media player.lnk
[2017-01-06 01:04:24 | 000,051,504 | ---- | M] (Dropbox, Inc.) – C:\WINDOWS\SysNative\DbxSvc.exe
[2017-01-06 00:48:58 | 000,075,888 | ---- | M] (Dropbox, Inc.) – C:\WINDOWS\SysNative\drivers\dbx-stable.sys
[2017-01-06 00:48:58 | 000,075,888 | ---- | M] (Dropbox, Inc.) – C:\WINDOWS\SysNative\drivers\dbx-dev.sys
[2017-01-06 00:48:58 | 000,075,888 | ---- | M] (Dropbox, Inc.) – C:\WINDOWS\SysNative\drivers\dbx-canary.sys
[2016-12-30 21:28:33 | 000,001,829 | ---- | M] () – C:\Users\Public\Desktop\iTunes.lnk
[2016-12-28 17:21:22 | 000,001,610 | ---- | M] () – C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2016-12-28 09:23:16 | 000,202,651 | ---- | M] () – C:\Users\Keld\Documents\IMG_20161228_0001.pdf
[2016-12-27 18:48:15 | 000,002,375 | ---- | M] () – C:\Users\Keld\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2016-12-27 18:40:59 | 000,011,433 | ---- | M] () – C:\WINDOWS\diagwrn.xml
[2016-12-27 18:40:59 | 000,011,433 | ---- | M] () – C:\WINDOWS\diagerr.xml
[2016-12-27 18:36:42 | 000,022,952 | ---- | M] () – C:\WINDOWS\SysNative\emptyregdb.dat
[2016-12-27 18:13:19 | 000,015,425 | ---- | M] () – C:\WINDOWS\SysNative\OEMDefaultAssociations.xml
[2016-12-27 18:12:12 | 000,446,896 | ---- | M] () – C:\WINDOWS\SysNative\ApnDatabase.xml
[2016-12-27 18:12:06 | 000,141,824 | ---- | M] (Windows ® Win 7 DDK provider) – C:\WINDOWS\SysWow64\DscCoreConfProv.dll
[2016-12-27 18:11:59 | 000,204,288 | ---- | M] (Windows ® Win 7 DDK provider) – C:\WINDOWS\SysNative\DscCoreConfProv.dll
[2016-12-27 18:11:54 | 002,681,200 | ---- | M] () – C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016-12-27 18:11:54 | 002,048,496 | ---- | M] () – C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016-12-27 18:11:52 | 000,418,304 | ---- | M] () – C:\WINDOWS\SysNative\Windows.Perception.Stub.dll
[2016-12-27 18:11:52 | 000,265,728 | ---- | M] () – C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016-12-27 18:11:50 | 000,064,352 | ---- | M] (Avago Technologies) – C:\WINDOWS\SysNative\drivers\MegaSas2i.sys
[2016-12-27 18:00:01 | 000,000,000 | -H-- | M] () – C:$WINRE_BACKUP_PARTITION.MARKER
[2016-12-27 17:08:34 | 000,008,192 | RHS- | M] () – C:\BOOTSECT.BAK
[2016-12-27 16:44:00 | 000,000,935 | ---- | M] () – C:\WINDOWS\tasks\EPSON Perfection V800_V850 Update.job
[2016-12-27 16:28:09 | 000,001,000 | ---- | M] () – C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job
[2016-12-27 12:09:57 | 000,000,996 | ---- | M] () – C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job
[2016-12-27 10:00:08 | 000,000,000 | ---- | M] () – C:\WINDOWS\SysWow64\speedTest
[2016-12-27 09:39:05 | 000,176,064 | ---- | M] (Malwarebytes) – C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2016-12-27 09:38:14 | 000,001,927 | ---- | M] () – C:\Users\Public\Desktop\Malwarebytes.lnk
[2016-12-26 08:00:05 | 000,000,412 | ---- | M] () – C:\WINDOWS\tasks\X-Rite Device Services Software Updater.job
[1 C:\WINDOWS\SysNative*.tmp files -> C:\WINDOWS\SysNative*.tmp -> ]
[1 C:\Users\Keld\Desktop*.tmp files -> C:\Users\Keld\Desktop*.tmp -> ]
[1 C:\Users\Keld*.tmp files -> C:\Users\Keld*.tmp -> ]

========== Files Created - No Company Name ==========

[2017-01-21 21:55:23 | 000,028,272 | ---- | C] () – C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017-01-21 18:43:18 | 001,514,138 | ---- | C] () – C:\Users\Keld\AppData\Local\census.cache
[2017-01-21 18:40:45 | 001,339,436 | ---- | C] () – C:\Users\Keld\AppData\Local\ars.cache
[2017-01-21 18:12:16 | 000,000,010 | ---- | C] () – C:\Users\Keld\AppData\Local\sponge.last.runtime.cache
[2017-01-21 18:00:56 | 000,000,036 | ---- | C] () – C:\Users\Keld\AppData\Local\housecall.guid.cache
[2017-01-21 11:53:52 | 000,000,172 | ---- | C] () – C:\WINDOWS\SysNative\drivers\NSSx64\0406010.050\isolate.ini
[2017-01-20 17:07:15 | 000,000,214 | ---- | C] () – C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2017-01-19 08:47:30 | 000,009,712 | ---- | C] () – C:\WINDOWS\SysNative.crusader
[2017-01-19 08:30:44 | 000,054,736 | ---- | C] () – C:\WINDOWS\SysNative\drivers\hitmanpro37.sys
[2017-01-19 07:05:42 | 000,002,360 | ---- | C] () – C:\Users\Public\Desktop\Driver Booster 4.lnk
[2017-01-18 21:49:46 | 000,001,265 | ---- | C] () – C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2017-01-18 07:40:58 | 000,000,000 | ---- | C] () – C:\autoexec.bat
[2017-01-17 16:45:56 | 000,263,478 | ---- | C] () – C:\Users\Keld\Desktop\PensionsInfo_17-01-2017.pdf
[2017-01-15 11:51:31 | 000,001,049 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
[2017-01-15 11:51:31 | 000,001,037 | ---- | C] () – C:\Users\Public\Desktop\TeamViewer 12.lnk
[2017-01-14 07:49:22 | 000,389,396 | RHS- | C] () – C:\bootmgr
[2017-01-14 07:49:22 | 000,000,001 | -HS- | C] () – C:\BOOTNXT
[2017-01-13 12:41:37 | 000,230,356 | ---- | C] () – C:\Users\Keld\Documents\IMG_20170113_0003.pdf
[2017-01-13 12:40:49 | 000,212,230 | ---- | C] () – C:\Users\Keld\Documents\IMG_20170113_0002.pdf
[2017-01-13 12:39:20 | 001,337,252 | ---- | C] () – C:\Users\Keld\Documents\IMG_20170113_0001.pdf
[2017-01-12 16:22:35 | 000,438,828 | ---- | C] () – C:\Users\Keld\Documents\IMG_20170112_0001.pdf
[2017-01-09 21:52:54 | 000,035,230 | ---- | C] () – C:\ProgramData\dm.1483995152.bdinstall.bin
[2017-01-09 21:50:18 | 000,055,888 | ---- | C] () – C:\ProgramData\dm.1483994994.bdinstall.bin
[2017-01-09 21:49:35 | 000,380,636 | ---- | C] () – C:\ProgramData\cl.1483994767.bdinstall.bin
[2017-01-09 21:48:58 | 000,000,684 | -H-- | C] () – C:\bdr-cf02
[2017-01-09 21:48:47 | 000,002,314 | ---- | C] () – C:\Users\Public\Desktop\Bitdefender 2017.lnk
[2017-01-09 21:48:09 | 003,271,472 | -H-- | C] () – C:\bdr-bz02
[2017-01-09 21:48:09 | 000,009,216 | -H-- | C] () – C:\bdr-ld02.mbr
[2017-01-09 21:48:08 | 049,758,588 | -H-- | C] () – C:\bdr-im02.gz
[2017-01-09 21:48:08 | 000,253,404 | -H-- | C] () – C:\bdr-ld02
[2017-01-09 21:42:36 | 000,028,867 | ---- | C] () – C:\ProgramData\agent.1483994541.bdinstall.bin
[2017-01-09 21:33:42 | 000,028,867 | ---- | C] () – C:\ProgramData\agent.1483994011.bdinstall.bin
[2017-01-09 21:32:03 | 000,028,868 | ---- | C] () – C:\ProgramData\agent.1483993912.bdinstall.bin
[2017-01-09 21:28:32 | 000,028,589 | ---- | C] () – C:\ProgramData\agent.1483993704.bdinstall.bin
[2017-01-09 21:27:00 | 000,028,866 | ---- | C] () – C:\ProgramData\agent.1483993611.bdinstall.bin
[2017-01-09 21:23:37 | 000,028,868 | ---- | C] () – C:\ProgramData\agent.1483993404.bdinstall.bin
[2017-01-09 21:17:50 | 000,225,617 | ---- | C] () – C:\ProgramData\1483992930.bdinstall.bin
[2016-12-30 21:28:33 | 000,001,829 | ---- | C] () – C:\Users\Public\Desktop\iTunes.lnk
[2016-12-28 17:21:22 | 000,001,622 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
[2016-12-28 17:21:22 | 000,001,610 | ---- | C] () – C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2016-12-28 09:23:13 | 000,202,651 | ---- | C] () – C:\Users\Keld\Documents\IMG_20161228_0001.pdf
[2016-12-27 18:40:13 | 000,011,433 | ---- | C] () – C:\WINDOWS\diagwrn.xml
[2016-12-27 18:40:13 | 000,011,433 | ---- | C] () – C:\WINDOWS\diagerr.xml
[2016-12-27 18:32:03 | 000,001,576 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2016-12-27 18:25:52 | 000,000,352 | ---- | C] () – C:\Users\Keld\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016-12-27 18:25:52 | 000,000,334 | ---- | C] () – C:\Users\Keld\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016-12-27 18:23:13 | 007,513,855 | ---- | C] () – C:\WINDOWS\SysNative\nvcoproc.bin
[2016-12-27 18:23:01 | 000,067,584 | --S- | C] () – C:\WINDOWS\bootstat.dat
[2016-12-27 18:21:14 | 005,046,712 | ---- | C] () – C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016-12-27 18:20:15 | 000,041,182 | ---- | C] () – C:\WINDOWS\SysWow64\license.rtf
[2016-12-27 18:20:15 | 000,041,182 | ---- | C] () – C:\WINDOWS\SysNative\license.rtf
[2016-12-27 18:12:12 | 000,446,896 | ---- | C] () – C:\WINDOWS\SysNative\ApnDatabase.xml
[2016-12-27 18:11:54 | 002,681,200 | ---- | C] () – C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016-12-27 18:11:54 | 002,048,496 | ---- | C] () – C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016-12-27 18:11:52 | 000,418,304 | ---- | C] () – C:\WINDOWS\SysNative\Windows.Perception.Stub.dll
[2016-12-27 18:11:52 | 000,265,728 | ---- | C] () – C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016-12-27 09:38:14 | 000,001,927 | ---- | C] () – C:\Users\Public\Desktop\Malwarebytes.lnk
[2016-12-27 09:38:12 | 000,077,416 | ---- | C] () – C:\WINDOWS\SysNative\drivers\mbae64.sys
[2016-09-15 16:24:32 | 000,000,469 | ---- | C] () – C:\WINDOWS\ODBCINST.INI
[2016-07-16 12:47:57 | 000,215,943 | ---- | C] () – C:\WINDOWS\SysWow64\dssec.dat
[2016-07-16 12:47:57 | 000,000,741 | ---- | C] () – C:\WINDOWS\SysWow64\NOISE.DAT
[2016-07-16 12:43:04 | 000,055,296 | ---- | C] () – C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016-07-16 12:43:00 | 000,019,968 | ---- | C] () – C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2016-07-16 12:42:55 | 000,167,640 | ---- | C] () – C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016-07-16 12:42:53 | 000,673,088 | ---- | C] () – C:\WINDOWS\SysWow64\mlang.dat
[2016-07-16 12:42:49 | 000,304,640 | ---- | C] () – C:\WINDOWS\SysWow64\HrtfApo.dll
[2016-07-16 12:42:48 | 000,364,544 | ---- | C] () – C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016-07-16 12:42:43 | 000,002,307 | ---- | C] () – C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016-07-16 12:42:12 | 000,043,131 | ---- | C] () – C:\WINDOWS\mib.bin
[2016-07-01 15:06:25 | 000,000,128 | -H-- | C] () – C:\ProgramData\V93GE
[2016-07-01 12:44:04 | 000,065,536 | ---- | C] () – C:\WINDOWS\SysWow64\esint00.dll
[2016-01-01 10:19:32 | 000,000,000 | ---- | C] () – C:\Users\Keld\AppData\Roaming\Stardockfences_debug_snapshot.dat
[2015-10-26 14:50:08 | 000,503,808 | ---- | C] () – C:\Users\Keld\stoevsuger Copy.fmpur
[2015-10-26 14:47:09 | 000,503,808 | ---- | C] () – C:\Users\Keld\stoevsuger Copy.fmp12
[2015-09-26 10:48:19 | 000,006,094 | ---- | C] () – C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2015-09-23 07:58:22 | 000,007,610 | ---- | C] () – C:\Users\Keld\AppData\Local\Resmon.ResmonCfg
[2015-09-05 15:55:35 | 000,001,456 | ---- | C] () – C:\Users\Keld\AppData\Local\Adobe Save for Web 13.0 Prefs
[2015-09-04 19:40:04 | 000,024,576 | ---- | C] () – C:\WINDOWS\SysWow64\snEUps.dll
[2015-09-04 19:39:33 | 000,683,801 | ---- | C] () – C:\Users\Keld\AppData\Roaming\unins000.exe
[2015-09-04 19:39:33 | 000,013,206 | ---- | C] () – C:\Users\Keld\AppData\Roaming\unins000.dat
[2015-09-02 09:38:16 | 000,133,776 | ---- | C] () – C:\WINDOWS\ColorPic Uninstaller.exe
[2015-08-21 17:36:48 | 000,191,512 | ---- | C] () – C:\WINDOWS\SysWow64\AirfoilInjector_3_7.dll
[2015-08-18 06:13:05 | 000,056,320 | ---- | C] () – C:\Users\Keld\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015-08-17 07:01:28 | 000,000,000 | ---- | C] () – C:\WINDOWS\prleth.sys
[2015-08-17 07:01:28 | 000,000,000 | ---- | C] () – C:\WINDOWS\hgfs.sys
[2015-08-17 07:01:12 | 000,000,374 | ---- | C] () – C:\WINDOWS\SysWow64\data.bin
[2015-05-13 20:51:28 | 000,033,781 | ---- | C] () – C:\Users\Keld.spyglass.properties
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\ZvMt63sO80ANdT4ye9W5hSwx
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\ZPVSaQuFPh6aoRfaVKE.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\ZgNrFEJPj5JbJXDPmJ
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\Z28xauGFp0mdlhj3MyEnT6.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\YmVr6DWrpOvNBxFl1
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\yHoXtD1jXzVyQ3VIJFECoZ0D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\x3oDkixWOBB3sh30S8kBD7qf3
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\Wvy9Otkpqqvze8HduO
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\VO8fC0RJtQj
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\TGAKdvCVPLzP2C.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\tcEKdQN7jUG
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\sMfU1naEx.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\rxtP6zVyvZm8ZFy.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\Q3id8AgbRFU2OWzpnrPT7w8CRGD
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\Nm3jygt.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\nemUfiEfOR3lGVB.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\JQIGTEYleiOO27jh7LrF
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\JiTFIoy
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\hozS4FdKs1LCyIuj5c
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\H3XJQoZW0hFraZEfRDQOqs2cZQ.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\GLi8AF5g
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\f5yPCt641q6JzFYRGK9aW.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\ETQylix4Pgsw9NzzqIN
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\ec1eMLlg7RC5hVPRk1xKNjaaCt.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\dYASrbh4uOMXF1AzQO8op.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\cjRxFqgSOFbSpYbg9
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\bUF5hBnFyE1qspaUQ2Hok1.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\b1DRoxqzsooth7u
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\9WCW9VaTMbjswiZzTi
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\9RDDeKMPIurtwhzO81dn
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\8ELJGqcGgS6ijdRJ2QAn7b5.virus-Adware.JS.Crossrider.D
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\80oKB4mV2T4CT4Yn
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\7CUQ7x3MKeBv5PhnW59XkNcVU
[2015-04-19 13:20:16 | 000,000,626 | ---- | C] () – C:\Users\Keld\AppData\Roaming\6Vt1DEtNZMTI3
[2015-03-28 20:41:01 | 000,000,169 | ---- | C] () – C:\Users\Keld\LAViewer.properties
[2014-10-07 12:24:03 | 001,922,628 | ---- | C] () – C:\Users\Keld\Localizable.strings
[2014-03-19 18:48:55 | 000,000,218 | ---- | C] () – C:\Users\Keld.recently-used.xbel
[2013-01-17 18:38:18 | 000,238,901 | ---- | C] () – C:\Users\Keld\kickstart.php
[2013-01-17 18:38:18 | 000,094,840 | ---- | C] () – C:\Users\Keld\jquery.min.js
[2013-01-17 18:38:18 | 000,005,856 | ---- | C] () – C:\Users\Keld\sv-SE.kickstart.ini
[2013-01-17 18:38:18 | 000,003,377 | ---- | C] () – C:\Users\Keld\json2.min.js
[2011-12-13 18:05:06 | 000,091,609 | ---- | C] () – C:\Users\Keld.linkassistant.properties
[2011-11-18 22:09:09 | 000,465,456 | ---- | C] () – C:\Users\Keld.websiteauditor.properties
[2011-11-18 22:05:47 | 000,195,309 | ---- | C] () – C:\Users\Keld.spyglass.properties.bak
[2011-11-17 20:24:53 | 000,137,281 | ---- | C] () – C:\Users\Keld.ranktracker.properties
[2011-11-01 09:35:22 | 000,000,001 | ---- | C] () – C:\Users\Keld\params.ini
[2009-12-21 18:37:18 | 000,006,893 | ---- | C] () – C:\Users\Keld\Logon.aspx.da.resx
[2009-09-20 20:30:24 | 000,001,213 | ---- | C] () – C:\Users\Keld.jalbum-recent-projects.properties
[2009-09-20 20:29:55 | 000,000,942 | ---- | C] () – C:\Users\Keld.jalbum-defaults.jap
[2009-09-20 20:29:55 | 000,000,455 | ---- | C] () – C:\Users\Keld.jalbum-ftp-accounts.xml
[2009-08-11 16:36:00 | 000,060,304 | ---- | C] () – C:\Users\Keld\g2mdlhlpx.exe
[2009-05-21 09:44:22 | 000,000,001 | ---- | C] () – C:\Users\Keld\temp.dat

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
“” = C:\Windows\SysNative\windows.storage.dll – [2016-12-27 18:11:54 | 007,219,672 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
“” = %SystemRoot%\system32\windows.storage.dll – [2016-12-27 18:11:54 | 005,722,832 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
“” = C:\Windows\SysNative\wbem\fastprox.dll – [2016-07-16 12:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
“” = %systemroot%\system32\wbem\fastprox.dll – [2016-07-16 12:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
“” = C:\Windows\SysNative\wbem\wbemess.dll – [2016-07-16 12:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
“ThreadingModel” = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2016-12-27 18:32:07 | 000,000,000 | —D | M] – C:\Users\Default\AppData\Roaming\Genie9
[2016-12-27 18:32:07 | 000,000,000 | —D | M] – C:\Users\Default User\AppData\Roaming\Genie9
[2015-08-16 10:41:23 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\ACD Systems
[2015-08-16 16:29:42 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Acronis
[2015-12-23 15:02:16 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\AgileBits
[2015-08-31 19:49:49 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Anthropics
[2016-12-26 13:44:38 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\AVG
[2017-01-09 21:50:08 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Bitdefender
[2017-01-20 18:03:08 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\BitTorrent
[2016-01-28 09:57:54 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\CamRanger
[2015-12-13 17:48:04 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Canneverbe Limited
[2015-12-25 12:44:24 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Canon
[2015-12-14 16:40:50 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\CD-LabelPrint
[2015-12-09 20:16:06 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\chc
[2015-12-09 20:16:03 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2015-08-27 16:30:14 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\com.adobe.AdobeMuseCC.2015.0
[2016-12-07 07:35:49 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2015-11-22 15:14:07 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Dropbox
[2016-07-01 12:53:23 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Epson
[2015-09-07 15:29:01 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\FileMaker
[2015-08-24 12:55:24 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\FileMaker Pro
[2017-01-16 13:36:58 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\FileZilla
[2015-08-28 06:30:10 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\FotoWare
[2016-03-14 21:11:31 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Genie9
[2017-01-22 08:43:52 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\gSyncit
[2016-11-04 12:04:13 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\IObit
[2015-08-16 15:36:16 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Jotta
[2016-07-01 15:06:49 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\LaserSoft Imaging
[2015-12-12 21:43:20 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\MP3 Quality Modifier
[2016-09-19 09:00:40 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\MySQL
[2015-10-03 09:14:43 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Notepad++
[2015-08-17 06:30:50 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Opera Software
[2016-09-15 16:28:14 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Oracle
[2015-08-24 08:27:25 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\PDAppFlex
[2016-11-12 09:35:17 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Poedit
[2015-09-04 19:44:23 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\ProductData
[2015-08-17 07:12:52 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\QuickScan
[2015-08-31 07:28:47 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\R-TT
[2016-03-03 20:02:55 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Softland
[2015-12-08 09:10:33 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\SolidDocuments
[2015-08-16 16:06:35 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Stardock
[2016-06-25 07:36:24 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Sublime Text 3
[2015-12-28 08:58:53 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Syncios
[2017-01-22 08:42:37 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\SynciOS Data Transfer
[2016-04-01 12:36:50 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\TeamViewer
[2015-08-31 10:24:28 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\TomTom
[2016-09-06 07:13:26 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Tonec
[2016-03-24 09:05:56 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\TreeCardGames
[2015-12-28 16:25:49 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\TuneUp Software
[2015-08-21 08:54:24 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\Verimatrix
[2016-07-02 08:45:28 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\X-Rite
[2017-01-09 15:53:20 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\XnView
[2016-11-19 11:16:51 | 000,000,000 | —D | M] – C:\Users\Keld\AppData\Roaming\yWorks

========== Purity Check ==========

< End of report >