Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No connection to google.com with any browser. Bitdefender finds nothing (-_-* )


  • This topic is locked This topic is locked
12 replies to this topic

#1 Laurens_Cleyman

Laurens_Cleyman

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:54 AM

Posted 13 January 2015 - 04:30 PM

Hi guys,

 

I'm an IT-highschool student.  :graduate:

 

But I just can't solve my own problems... so I'm standing here ashamed and helpless... Anyone who see a solution?

 

Discription of the situation:

 

It is not possible to go to google.com...

 

Errorcode: ERR_CONNECTION_CLOSED

 

I tried it with different browsers (Chrome and Internet Explorer)

 

However, when I use a proxy I can reach it... so it 's not that google is offline....

 

This issue is killing me, as a student, for weeks now. Because you know: without google you 'r as dumb as a stone !  :crazy:

 

Things I tried to solve the issue:

  • Bitdefender Total Security -> Full system scan
  • Kaspersky Total Security -> Full system scan
  • Comodo Firewall -> up and running

Progress I have made:

 

None  :blush:

 

Steps I did of the Preperation Guide:

 

1 - Backup your data!  :thumbsup2:

2- Not all slow computers are caused by Malware.  :thumbsup2:

3- Create a free account  :thumbsup2:

4- Enable topic reply notification by default.  :thumbsup2:

5- Enable a firewall  :thumbsup2:

6- Download and Run DDs :axe:

 

I use Windows 8.1 x64 and when I run dds.exe I get the following message:

 

 

DDS is not meant to run in 'Compatibility Mode'.
The program shall now exit.

[OK]

 

I searched on the forum and what I read is that dds.exe is not compatible with windows 8.1?

Or is their another tool to provide you a log file? 

 

Thanks in advence!

 

Best regards,

 

Laurens a.k.a. SWG (Student Without Google)

Attached Files


Edited by Laurens_Cleyman, 13 January 2015 - 04:32 PM.


BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 AM

Posted 14 January 2015 - 03:53 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Laurens_Cleyman

Laurens_Cleyman
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:54 AM

Posted 14 January 2015 - 04:27 AM

Wow, that was quick !  :o

 

Thanks for the reply and for taking a look at it !!   :woot:

 

Here are the things you asked: 

 

 

Scan with FRST in normal mode
 
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Laurens Cleyman (administrator) on LENOVO-PC on 14-01-2015 10:03:07
Running from C:\Users\Laurens Cleyman\Downloads\Chrome
Loaded Profiles: Laurens Cleyman & MSSQLSERVER (Available profiles: Laurens Cleyman & MSSQLSERVER)
Platform: Windows 8.1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\COSService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\SynchronizationService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Spotify Ltd) C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\spotify.exe
() C:\Program Files (x86)\Belvedere\Belvedere.exe
(Dropbox, Inc.) C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxcrnmh.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-03-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-07-06] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-07-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-07-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2014-12-08] (Bitdefender)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-09] (COMODO)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-08-26] (cyberlink)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-03-18] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4494848 2014-06-23] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-17] (Comodo Security Solutions, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-08] (Bitdefender)
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-05] (Bitdefender)
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-05] (Bitdefender)
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Run: [Spotify Web Helper] => C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Run: [Spotify] => C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\MountPoints2: {53650a79-50a3-11e4-8266-f8a9633c570f} - "H:\autorun.exe" 
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\MountPoints2: {81d02315-505f-11e4-8265-f8a9633c570f} - "G:\autorun.exe" 
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\MountPoints2: {fce9d2fc-3398-11e4-8261-f8a9633c570f} - "E:\EMP_UDSe.exe" /autorun
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-08] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-05] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-05] (Bitdefender)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Belvedere.lnk
ShortcutTarget: Belvedere.lnk -> C:\Program Files (x86)\Belvedere\Belvedere.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Laurens Cleyman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Laurens Cleyman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Laurens Cleyman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-585059303-2465892597-2649365962-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-585059303-2465892597-2649365962-1001 -> DefaultScope {6EE6ADC2-8869-4D1C-982E-250928C25856} URL = 
SearchScopes: HKU\S-1-5-21-585059303-2465892597-2649365962-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-585059303-2465892597-2649365962-1001 -> {6EE6ADC2-8869-4D1C-982E-250928C25856} URL = 
SearchScopes: HKU\S-1-5-21-585059303-2465892597-2649365962-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files\QlikView\QvProtocol\qvp.dll (QlikTech AB)
Handler-x32: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll (QlikTech AB)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{078F2338-02C9-4FDB-A718-2BB5A17377FF}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{24AAF4AA-E9AA-4C32-AFF1-DA9770F01044}: [NameServer] 156.154.70.25,156.154.71.25

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-585059303-2465892597-2649365962-1001: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll No File
FF Plugin HKU\S-1-5-21-585059303-2465892597-2649365962-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Laurens Cleyman\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-08-26]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-08-26]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-11]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-01-11]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.be/"
CHR Profile: C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Documenten) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-26]
CHR Extension: (Google Drive) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-26]
CHR Extension: (YouTube) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-26]
CHR Extension: (Bitdefender Wallet) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-08-26]
CHR Extension: (Facebook Activity Remover) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjhdaapekomkhcdfkeogcmhimmmkgkpb [2014-10-27]
CHR Extension: (Screenshot - Webpage Screenshot) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2014-08-26]
CHR Extension: (TypingWeb Typing Tutor) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcgempicojkfhpnepfecmklndooebjk [2014-12-03]
CHR Extension: (Google Zoeken) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-26]
CHR Extension: (Kaspersky Bescherming) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-01-11]
CHR Extension: (Google Agenda) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-09-16]
CHR Extension: (Bookmarks Menu) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi [2014-12-03]
CHR Extension: (AdBlock) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-26]
CHR Extension: (UKBay Launcher) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfhobpngpkdpmlimlhcmailleodhhagi [2014-12-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-05]
CHR Extension: (Google Mail Checker) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-08-26]
CHR Extension: (Google Wallet) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Facebook Message Seen Notification Remover) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\piohdenkodpbcigpkmicjapilbfjioil [2014-10-31]
CHR Extension: (Gmail) - C:\Users\Laurens Cleyman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-26]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-12-08]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-08-05] (Bitdefender)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-03-18] (BlackBerry Limited) [File not signed]
S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-08-26] (CyberLink)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-17] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)
R2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (COMODO Security Solutions)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-17] (Comodo Security Solutions, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-07-06] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-07-06] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-07-06] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-07-06] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-06-23] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1325568 2014-06-23] (Research In Motion Limited) [File not signed]
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-10-10] (@ByELDI) [File not signed]
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2014-10-07] (COMODO Security Solutions)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-08-05] (Bitdefender)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-07-06] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2014-12-08] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [X]
S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3880448 2013-11-13] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-12-08] (BitDefender)
S3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-12-08] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
R0 bdisk; C:\Windows\System32\DRIVERS\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.)
S3 BDSandBox; C:\windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R0 CBUFS; C:\Windows\System32\DRIVERS\CBUFS.sys [230712 2014-10-07] (COMODO Security Solutions Inc.)
R0 cbvd; C:\Windows\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (COMODO Security Solutions Inc.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [807568 2014-12-09] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35080 2014-12-09] (COMODO)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S2 DgiVecp; C:\windows\SysWOW64\Drivers\DgiVecp.sys [38400 2009-06-09] (Samsung Electronics Co., Ltd.) [File not signed]
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-20] (Disc Soft Ltd)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [24904 2014-03-11] (ELAN Microelectronic Corp.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126208 2014-12-09] (COMODO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2015-01-11] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [799944 2015-01-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2015-01-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2015-01-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 Reparse; C:\Windows\System32\DRIVERS\CBReparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-12-08] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R3 vdbus; C:\Windows\System32\drivers\vdbus.sys [826040 2014-10-07] (COMODO Security Solutions Inc.)
R3 vmkbd2; C:\windows\system32\drivers\VMkbd.sys [33496 2014-06-12] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S2 SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
U3 wampapache64; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 10:02 - 2015-01-14 10:03 - 00000000 ____D () C:\FRST
2015-01-13 21:07 - 2015-01-14 10:02 - 00001776 _____ () C:\windows\system32\Drivers\fvstore.dat
2015-01-13 21:06 - 2015-01-13 21:06 - 00688992 _____ (Swearware) C:\Users\Laurens Cleyman\Desktop\dds.com
2015-01-13 21:05 - 2015-01-13 21:05 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00535640 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00531616 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00500016 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00482872 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00465320 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2015-01-13 21:05 - 2015-01-13 21:05 - 00448792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00424544 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00413248 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00413136 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2015-01-13 21:05 - 2015-01-13 21:05 - 00394120 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00391680 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00372408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00370424 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00344536 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00272248 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-01-13 21:05 - 2015-01-13 21:05 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-13 21:05 - 2015-01-13 21:05 - 00139984 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2015-01-13 21:05 - 2015-01-13 21:05 - 00136296 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2015-01-13 21:05 - 2015-01-13 21:05 - 00108944 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-13 21:05 - 2015-01-13 21:05 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00038264 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2015-01-13 21:05 - 2015-01-13 21:05 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2015-01-13 21:05 - 2015-01-13 21:05 - 00033584 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2015-01-13 21:05 - 2015-01-13 21:05 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2015-01-13 21:05 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2015-01-13 21:05 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-13 20:24 - 2015-01-14 09:59 - 01046480 _____ () C:\windows\system32\Drivers\sfi.dat
2015-01-13 20:24 - 2015-01-13 20:24 - 00001904 _____ () C:\Users\Public\Desktop\COMODO Internet Security.lnk
2015-01-13 20:24 - 2015-01-13 20:24 - 00000000 ____D () C:\windows\System32\Tasks\COMODO
2015-01-13 20:24 - 2015-01-13 20:24 - 00000000 ____D () C:\ProgramData\Shared Space
2015-01-13 20:23 - 2015-01-13 20:23 - 00002040 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2015-01-13 20:22 - 2015-01-13 20:22 - 00057096 _____ (COMODO CA Limited) C:\windows\system32\certsentry.dll
2015-01-13 20:22 - 2015-01-13 20:22 - 00048392 _____ (COMODO CA Limited) C:\windows\SysWOW64\certsentry.dll
2015-01-13 20:22 - 2015-01-13 20:22 - 00001143 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2015-01-13 20:22 - 2015-01-13 20:22 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\Comodo
2015-01-13 20:22 - 2015-01-13 20:22 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2015-01-13 20:22 - 2015-01-13 20:22 - 00000000 ____D () C:\Program Files (x86)\Comodo
2015-01-13 20:21 - 2015-01-13 20:24 - 00000000 ____D () C:\ProgramData\Comodo
2015-01-12 15:38 - 2015-01-12 15:38 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-12 15:37 - 2015-01-13 20:26 - 00001130 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-12 15:37 - 2015-01-12 15:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-12 15:37 - 2015-01-12 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-12 15:37 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-12 15:37 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-12 15:37 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-12 15:26 - 2015-01-12 15:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-11 21:25 - 2015-01-11 21:25 - 20447072 _____ (Malwarebytes Corporation ) C:\moon.exe
2015-01-11 16:29 - 2015-01-14 09:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-11 16:29 - 2015-01-11 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-01-11 16:29 - 2015-01-11 16:29 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-01-11 16:29 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klhk.sys
2015-01-11 16:29 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\windows\system32\klfphc.dll
2015-01-11 16:25 - 2015-01-11 16:25 - 00000000 ____D () C:\Program Files (x86)\DAMN NFO Viewer
2015-01-07 14:32 - 2015-01-07 14:47 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\Rainmeter
2015-01-07 14:32 - 2015-01-07 14:32 - 00001729 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-01-07 14:32 - 2015-01-07 14:32 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Documents\Rainmeter
2015-01-07 14:32 - 2015-01-07 14:32 - 00000000 ____D () C:\Program Files\Rainmeter
2015-01-04 18:48 - 2015-01-04 18:48 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Documents\OneNote-notitieblokken
2015-01-04 17:48 - 2015-01-13 19:36 - 00000380 _____ () C:\windows\Tasks\PC SpeedUp Service Deactivator.job
2015-01-04 17:48 - 2015-01-04 17:48 - 00002742 _____ () C:\windows\System32\Tasks\PC SpeedUp Service Deactivator
2015-01-04 17:46 - 2015-01-04 17:46 - 00003604 _____ () C:\windows\System32\Tasks\YTDownloader
2015-01-04 17:46 - 2015-01-04 17:46 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\CrashRpt
2015-01-01 23:11 - 2015-01-01 23:11 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Documents\My Games
2015-01-01 23:11 - 2015-01-01 23:11 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\My Games
2015-01-01 21:28 - 2015-01-01 21:28 - 00001671 _____ () C:\Users\Laurens Cleyman\Desktop\Play Civilization V.lnk
2015-01-01 21:23 - 2015-01-01 21:28 - 00000000 ____D () C:\Games
2014-12-25 22:14 - 2014-12-25 22:14 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-12-25 22:13 - 2014-12-28 16:52 - 00000132 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-24 18:17 - 2014-12-24 18:17 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-12-24 18:16 - 2014-12-24 18:16 - 00001234 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-12-24 18:16 - 2014-12-24 18:16 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-12-24 18:15 - 2014-12-24 18:17 - 00000000 ____D () C:\Program Files\Adobe
2014-12-24 18:15 - 2014-12-24 18:15 - 00001196 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-12-24 18:13 - 2014-12-24 18:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-24 18:13 - 2014-12-24 18:13 - 00001550 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-12-24 18:13 - 2014-12-24 18:13 - 00001380 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-12-24 18:12 - 2014-12-24 18:17 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-12-22 20:32 - 2015-01-13 18:29 - 00003576 _____ () C:\windows\System32\Tasks\Bitdefender Autoscan
2014-12-15 15:54 - 2014-12-15 15:55 - 00000000 ____D () C:\Program Files (x86)\Belvedere
2014-12-15 15:54 - 2014-12-15 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belvedere
2014-12-15 15:50 - 2015-01-09 21:31 - 00000000 ___RD () C:\Users\Laurens Cleyman\Temp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 10:03 - 2014-08-26 15:49 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Chrome
2015-01-14 10:00 - 2014-07-06 00:25 - 01323078 _____ () C:\windows\WindowsUpdate.log
2015-01-14 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sru
2015-01-14 09:54 - 2014-10-15 09:15 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\Spotify
2015-01-14 09:46 - 2014-09-08 00:03 - 00005078 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenovo-PC-Laurens Cleyman Lenovo-PC
2015-01-14 09:42 - 2014-08-26 14:15 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-585059303-2465892597-2649365962-1001
2015-01-14 09:38 - 2014-08-26 14:13 - 00004002 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{41F7D083-895D-4F66-AFF0-12A33116A5A6}
2015-01-14 09:38 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\AppReadiness
2015-01-14 09:34 - 2014-08-26 16:22 - 00000000 ___RD () C:\Users\Laurens Cleyman\Dropbox
2015-01-14 09:34 - 2014-08-26 16:20 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox
2015-01-14 09:33 - 2014-09-16 15:51 - 00000000 ___RD () C:\Users\Laurens Cleyman\Google Drive
2015-01-14 09:32 - 2014-10-15 13:55 - 00000000 ____D () C:\ProgramData\VMware
2015-01-14 09:32 - 2014-08-26 14:15 - 00001080 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-14 09:31 - 2013-08-22 15:46 - 00033001 _____ () C:\windows\setupact.log
2015-01-14 09:31 - 2013-08-22 15:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-13 23:03 - 2014-07-06 01:09 - 00004608 _____ () C:\windows\system32\VfService.trf
2015-01-13 22:24 - 2014-11-05 13:36 - 00667136 ___SH () C:\Users\Laurens Cleyman\Desktop\Thumbs.db
2015-01-13 21:59 - 2013-08-22 16:20 - 00000000 ____D () C:\windows\CbsTemp
2015-01-13 21:58 - 2014-08-30 01:09 - 00000000 ____D () C:\windows\system32\MRT
2015-01-13 21:49 - 2014-08-30 01:09 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-13 21:06 - 2014-08-30 09:06 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-13 21:06 - 2014-08-30 09:06 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 20:32 - 2014-08-26 16:00 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\uTorrent
2015-01-13 20:24 - 2014-12-14 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-01-13 20:24 - 2014-12-14 21:37 - 00000000 ____D () C:\Program Files\COMODO
2015-01-13 20:24 - 2014-07-06 01:11 - 01151960 _____ () C:\windows\system32\perfh013.dat
2015-01-13 20:24 - 2014-07-06 01:11 - 00282434 _____ () C:\windows\system32\perfc013.dat
2015-01-13 20:20 - 2014-08-26 15:48 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\µTorrent
2015-01-13 19:49 - 2014-08-26 14:15 - 00001084 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 09:56 - 2014-08-26 14:09 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\Packages
2015-01-13 06:45 - 2014-03-18 10:44 - 00041534 _____ () C:\windows\PFRO.log
2015-01-12 18:27 - 2014-10-15 09:15 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\Spotify
2015-01-12 15:45 - 2014-08-26 14:07 - 00000000 ____D () C:\Users\Laurens Cleyman
2015-01-12 15:05 - 2014-09-09 14:09 - 00000027 _____ () C:\ProgramData\lcsuc_prof.cfg
2015-01-12 08:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-01-11 20:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-01-11 18:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-11 16:33 - 2014-08-20 18:04 - 00799944 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2015-01-11 16:33 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2015-01-11 16:33 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klwtp.sys
2015-01-11 16:33 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klwfp.sys
2015-01-11 16:29 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\ELAMBKUP
2015-01-08 23:24 - 2014-08-26 16:10 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\vlc
2015-01-08 14:51 - 2014-11-13 11:43 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Documents\SQL Server Management Studio
2015-01-06 18:58 - 2014-12-03 10:03 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Documents\Toekomst - Gezin
2015-01-05 12:27 - 2014-03-18 10:53 - 02078434 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-04 18:19 - 2013-08-22 16:36 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-01-04 18:19 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2015-01-04 17:54 - 2013-08-22 15:44 - 05113936 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-04 17:51 - 2014-08-26 15:01 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\QuickScan
2014-12-28 12:06 - 2014-08-26 17:32 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\Adobe
2014-12-26 20:36 - 2014-08-26 17:18 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-26 20:33 - 2014-08-26 14:09 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\Adobe
2014-12-26 19:35 - 2014-09-07 11:43 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Documents\Webstek Leidraad
2014-12-25 21:15 - 2014-11-24 21:29 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\Popcorn-Time
2014-12-25 17:14 - 2014-08-26 17:20 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Temp
2014-12-25 16:19 - 2014-08-31 17:55 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\CrashDumps
2014-12-24 18:17 - 2014-12-06 17:04 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-12-22 20:28 - 2014-11-14 11:10 - 00000000 ____D () C:\Users\MSSQLSERVER
2014-12-22 16:20 - 2014-11-12 14:17 - 00000000 ____D () C:\Users\Laurens Cleyman\Downloads\Documents\Bibliotheek
2014-12-18 11:01 - 2014-08-26 16:21 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 16:42 - 2014-12-06 18:06 - 00595832 _____ () C:\Users\Laurens Cleyman\Downloads\Documents\Naamloos-1.psd
2014-12-15 09:38 - 2014-10-15 13:58 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Roaming\VMware
2014-12-15 09:38 - 2014-10-15 13:58 - 00000000 ____D () C:\Users\Laurens Cleyman\AppData\Local\VMware

Some content of TEMP:
====================
C:\Users\Laurens Cleyman\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptsl4es.dll
C:\Users\Laurens Cleyman\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-11 22:32

==================== End Of Log ============================
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Laurens Cleyman at 2015-01-14 10:04:11
Running from C:\Users\Laurens Cleyman\Downloads\Chrome
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Kaspersky Total Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Kaspersky Total Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: Kaspersky Total Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Belvedere 0.5 (HKLM-x32\...\Belvedere) (Version: 0.5 - Lifehacker)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.29.0.1235 - Bitdefender)
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.56 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.56 - BlackBerry Ltd.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
BurnAware Free 7.5 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{98EF3B25-E714-46D7-AD9E-13CF2E29F741}) (Version: 2.10.0 - Kovid Goyal)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Enpass 4.0.5 (HKLM-x32\...\Enpass) (Version: 4.0.5 - Sinew Software Systems)
FileZilla Client 3.9.0.3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation)
GeekBuddy (HKLM\...\{8EE6F031-FD37-45A2-95CE-696777FC4EC6}) (Version: 4.13.120 - Comodo Security Solutions Inc)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.39.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.2 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.61 - Lenovo) Hidden
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo)
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Malwarebytes Anti-Malware versie 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - Dutch/Nederlands (HKLM\...\Office15.OMUI.nl-nl) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{FEC535DD-0EB2-4709-87BD-1708C6364EB6}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
QlikView x64 (HKLM\...\{BAB4187A-F349-497E-A151-79D1B274B936}) (Version: 11.20.12577.0 - QlikTech International AB)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2326 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
SAS Enterprise Guide 6.1 OnDemand for Academics (64-bit) (HKLM\...\{0B669C73-F4CD-498F-B83F-0A42F1EDB092}) (Version: 6.100.0.2870 - SAS Institute Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F0C12872-B60D-4E37-A2F9-20C46A5E1F1A}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 1 for SQL Server 2012 (KB2674319) (HKLM-x32\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Start Menu (HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\...\Pokki) (Version: 0.269.2.450 - Pokki)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Unity Web Player (HKU\S-1-5-21-585059303-2465892597-2649365962-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Visual Paradigm 11.2 (HKLM\...\1106-5897-7327-6550) (Version: 11.2 - Visual Paradigm International Ltd.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
Walletx - Sinew Software Systems (HKLM-x32\...\Walletx) (Version:  - )
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-585059303-2465892597-2649365962-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

29-12-2014 23:08:44 Gepland controlepunt
12-01-2015 00:10:03 Gepland controlepunt
13-01-2015 20:23:26 Installing COMODO Internet Security Premium

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-09-09 12:39 - 00000878 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1       localhost


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C835AB7-05C2-4CBC-BE19-E08411B17241} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenovo-PC-Laurens Cleyman Lenovo-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {1871CE4E-A7BE-44AD-8627-10FE6C89BD56} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-10] (@ByELDI)
Task: {20241D35-7B8B-4FB6-81D4-66D271DA7E56} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {3D3B3821-4602-437B-A10D-19A941649E05} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {4165982B-73A1-42B4-B5C3-9B91BADF5B52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-26] (Google Inc.)
Task: {67D942E0-B088-4229-A85A-AE798FFECEAF} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {6B96953A-9102-4D7D-BE0F-42E9DD2270A6} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO)
Task: {70EA31BD-26E0-45B5-B4CC-AFEEE324999A} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2014-12-20] (Lenovo)
Task: {7FD7E25B-68E2-48C1-9EB5-1F74CFFF9B76} - System32\Tasks\Bitdefender Autoscan => C:\Program Files\Bitdefender\Bitdefender\mtasklaunch.exe [2014-08-05] (Bitdefender)
Task: {969B6C51-13EC-43C6-80CB-4E0E0E5CA3B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-26] (Google Inc.)
Task: {A6BF8358-E79F-489E-BF41-E70124CEEEB2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A6D83106-F28E-46E2-AC9E-69FD7F987A0D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {BDCD0FB4-16AB-47AB-87F4-7737BDC684D7} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe <==== ATTENTION
Task: {CB7F4EF1-720C-4B54-938B-49E9A350A142} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D055F379-AE08-413D-810A-7D08F2D92FD7} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {D414299C-C27A-4EBF-8985-1D7223821C87} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {D7B422B4-8406-407F-952B-E8F274F86B74} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {DDB1549C-AFDE-4E1D-AE0B-07F9C5B0BDB2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {DE54B500-7E33-4985-8DA3-DD63F39E4CF7} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION
Task: {E2C0B1EF-2BAB-42DE-B56D-A83CED941AD7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-01-13] (Microsoft Corporation)
Task: {F3A9C3CC-77AA-48EF-81BF-E516AC127BDD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\windows\Tasks\PC SpeedUp Service Deactivator.job => ? <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-08-26 15:05 - 2014-10-13 19:24 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-08-26 15:05 - 2014-08-12 17:32 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-08-26 15:05 - 2011-11-14 18:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-08-26 15:05 - 2014-08-12 17:32 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-08-26 15:05 - 2014-07-24 08:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpbr.mdl
2014-08-26 15:05 - 2014-07-24 08:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpdsp.mdl
2014-08-26 15:05 - 2014-07-24 08:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttpph.mdl
2014-08-26 15:05 - 2014-07-24 08:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_001_001\ashttprbl.mdl
2014-07-06 00:41 - 2014-01-24 07:27 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-04-11 08:26 - 2011-04-11 06:26 - 00034304 _____ () C:\windows\System32\spe__l.dll
2014-09-05 16:43 - 2008-01-11 05:19 - 00022016 _____ () C:\windows\System32\ssp2ml6.dll
2014-07-06 01:13 - 2012-04-24 11:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-12-14 21:37 - 2014-10-07 11:55 - 01508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll
2014-12-14 21:37 - 2014-10-07 11:55 - 00338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll
2014-07-06 01:09 - 2014-07-06 01:09 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-07-06 01:09 - 2014-07-06 01:09 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-08-26 15:05 - 2013-03-25 14:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-12-24 10:22 - 2013-12-24 10:22 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-12-24 10:20 - 2013-12-24 10:20 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-12-24 10:26 - 2013-12-24 10:26 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-07-06 00:49 - 2013-10-01 10:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-06-07 13:11 - 2014-04-16 09:28 - 00080312 _____ () C:\windows\system32\igfxexps.dll
2014-03-26 20:50 - 2014-07-06 01:20 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2010-02-12 16:46 - 2010-02-12 16:46 - 01060937 _____ () C:\Program Files (x86)\Belvedere\Belvedere.exe
2014-09-17 06:47 - 2014-09-17 06:47 - 02875600 _____ () C:\Program Files\COMODO\GeekBuddy\QtCore4.dll
2014-09-17 06:47 - 2014-09-17 06:47 - 01283792 _____ () C:\Program Files\COMODO\GeekBuddy\QtNetwork4.dll
2014-09-17 14:13 - 2014-09-17 14:13 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-09-17 14:13 - 2014-09-17 14:13 - 00752312 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-09-17 14:12 - 2014-09-17 14:12 - 00024064 _____ () C:\Program Files\Rainmeter\Plugins\QuotePlugin.DLL
2014-09-17 06:47 - 2014-09-17 06:47 - 10451664 _____ () C:\Program Files\COMODO\GeekBuddy\QtGui4.dll
2014-09-17 06:47 - 2014-09-17 06:47 - 00039120 _____ () C:\Program Files\COMODO\GeekBuddy\imageformats\qgif4.dll
2014-09-17 06:47 - 2014-09-17 06:47 - 01529040 _____ () C:\Program Files\COMODO\GeekBuddy\QtScript4.dll
2014-07-06 01:15 - 2014-07-06 01:15 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2014-10-15 09:15 - 2014-12-12 14:39 - 00374840 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-06-24 08:37 - 2014-06-24 08:37 - 00661752 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\kpcengine.2.3.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-10-13 19:27 - 2014-10-13 19:27 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2015-01-14 09:33 - 2015-01-14 09:33 - 00098816 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32api.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00110080 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\pywintypes27.dll
2015-01-14 09:33 - 2015-01-14 09:33 - 00364544 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\pythoncom27.dll
2015-01-14 09:33 - 2015-01-14 09:33 - 00045568 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\_socket.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 01160704 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\_ssl.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00320512 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32com.shell.shell.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00713216 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\_hashlib.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 01175040 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\wx._core_.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00805888 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\wx._gdi_.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00811008 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\wx._windows_.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 01062400 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\wx._controls_.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00735232 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\wx._misc_.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00128512 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\_elementtree.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00127488 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\pyexpat.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00557056 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\pysqlite2._sqlite.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00087552 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\_ctypes.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00119808 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32file.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00108544 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32security.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00007168 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\hashobjs_ext.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00167936 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32gui.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00018432 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32event.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00038912 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32inet.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00011264 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32crypt.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00070656 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\wx._html2.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00027136 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\_multiprocessing.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00035840 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32process.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00686080 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\unicodedata.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00122368 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\wx._wizard.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00024064 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32pipe.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00025600 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32pdh.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00525640 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\windows._lib_cacheinvalidation.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00010240 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\select.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00017408 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32profile.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00022528 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\win32ts.pyd
2015-01-14 09:33 - 2015-01-14 09:33 - 00078336 _____ () C:\Users\Laurens Cleyman\AppData\Local\Temp\_MEI101842\wx._animate.pyd
2014-10-15 09:15 - 2014-12-12 14:39 - 36966968 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\libcef.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-14 09:33 - 2015-01-14 09:33 - 00043008 _____ () c:\Users\Laurens Cleyman\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptsl4es.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-10-15 09:15 - 2014-12-12 14:39 - 00867896 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-10-15 09:15 - 2014-12-12 14:39 - 00886840 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-10-15 09:15 - 2014-12-12 14:39 - 00108600 _____ () C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\libegl.dll
2014-08-13 15:09 - 2014-08-13 15:09 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-12-13 12:49 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-13 12:49 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-13 12:49 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 12:49 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\moon.exe:BDU
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\AudioEndpointBuilder.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\Faultrep.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\wer.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\werdiagcontroller.dll:$CmdTcID
AlternateDataStreams: C:\windows\system32\WerFault.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\WerFaultSecure.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\wermgr.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\Faultrep.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\FlashPlayerCPLApp.cpl:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wer.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\werdiagcontroller.dll:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WerFault.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\WerFaultSecure.exe:$CmdTcID
AlternateDataStreams: C:\windows\SysWOW64\wermgr.exe:$CmdTcID
AlternateDataStreams: C:\windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Users\Laurens Cleyman\Desktop\dds.com:$CmdTcID
AlternateDataStreams: C:\Users\Laurens Cleyman\Desktop\dds.com:$CmdZnID
AlternateDataStreams: C:\Users\Laurens Cleyman\Desktop\dds.com:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-585059303-2465892597-2649365962-500 - Administrator - Disabled)
Gast (S-1-5-21-585059303-2465892597-2649365962-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-585059303-2465892597-2649365962-1005 - Limited - Enabled)
Laurens Cleyman (S-1-5-21-585059303-2465892597-2649365962-1001 - Administrator - Enabled) => C:\Users\Laurens Cleyman

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/13/2015 09:12:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Het activeren van de app E046963F.LenovoCompanion_k1h2ywk1493x8!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider CisWmi heeft geprobeerd query SELECT * FROM CisStatusChange te registreren, waarvan doelklasse CisStatusChange in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider CisWmi heeft geprobeerd query SELECT * FROM CisNotification te registreren, waarvan doelklasse CisNotification in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider CisWmi heeft geprobeerd query SELECT * FROM FwAlert te registreren, waarvan doelklasse FwAlert in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider CisWmi heeft geprobeerd query SELECT * FROM DfAlert te registreren, waarvan doelklasse DfAlert in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider CisWmi heeft geprobeerd query SELECT * FROM AvAlert te registreren, waarvan doelklasse AvAlert in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider CisWmi heeft geprobeerd query SELECT * FROM CisAlert te registreren, waarvan doelklasse CisAlert in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider CisWmi heeft geprobeerd query SELECT * FROM CisEvent te registreren, waarvan doelklasse CisEvent in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider  heeft geprobeerd query SELECT * FROM CisStatusChange te registreren, waarvan doelklasse CisStatusChange in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider  heeft geprobeerd query SELECT * FROM CisNotification te registreren, waarvan doelklasse CisNotification in naamruimte //./root/cis niet bestaat. De query wordt genegeerd.


System errors:
=============
Error: (01/14/2015 09:42:53 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/14/2015 09:32:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De SSPORT-service kan vanwege de volgende fout niet worden gestart: 
%%2

Error: (01/14/2015 09:31:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De DgiVecp-service kan vanwege de volgende fout niet worden gestart: 
%%1275

Error: (01/14/2015 09:31:43 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\windows\SysWow64\Drivers\DgiVecp.sys

Error: (01/14/2015 09:31:26 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Bitdefender Virus Shield-service is bij het starten vastgelopen.

Error: (01/13/2015 08:35:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De SSPORT-service kan vanwege de volgende fout niet worden gestart: 
%%2

Error: (01/13/2015 08:34:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De DgiVecp-service kan vanwege de volgende fout niet worden gestart: 
%%1275

Error: (01/13/2015 08:34:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\windows\SysWow64\Drivers\DgiVecp.sys

Error: (01/13/2015 08:34:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Bitdefender Virus Shield-service is bij het starten vastgelopen.

Error: (01/13/2015 08:32:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalActiveren{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar


Microsoft Office Sessions:
=========================
Error: (01/13/2015 09:12:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2144927142

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: CisWmiSELECT * FROM CisEventCisEvent//./root/cis

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: SELECT * FROM CisStatusChangeCisStatusChange//./root/cis

Error: (01/13/2015 08:35:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: SELECT * FROM CisNotificationCisNotification//./root/cis


CodeIntegrity Errors:
===================================
  Date: 2015-01-14 09:54:26.489
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-13 21:26:45.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-13 21:07:40.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 25%
Total physical RAM: 16296.27 MB
Available physical RAM: 12140.69 MB
Total Pagefile: 18728.27 MB
Available Pagefile: 13159.46 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:888.64 GB) (Free:509.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3DD7571D)

Partition: GPT Partition Type.

==================== End Of Log ============================

Scan with Gmer rootkit scanner
 
Ark.txt
 
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-01-14 10:16:33
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003b WDC_WD10S21X-24R1BT0-SSHD-8GB rev.03.01A01 931,51GB
Running: l8tpu8st.exe; Driver: C:\Users\LAUREN~1\AppData\Local\Temp\fxryrpog.sys


---- Modules - GMER 2.1 ----

Module \??\C:\windows\system32\Drivers\rikvm_3A60B698.sys fffff80026cc3000-fffff8002730c000 (6590464 bytes)
Module \??\C:\Users\LAUREN~1\AppData\Local\Temp\fxryrpog.sys (GMER) fffff80027446000-fffff80027456000 (65536 bytes)

---- Threads - GMER 2.1 ----

Thread C:\windows\system32\csrss.exe [1012:456] fffff960008dbb90
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2444] 00000000008a6983
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2476] 0000000074f07c20
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2540] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2544] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2548] 0000000074f368d7
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2416] 00000000721f6d20
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2644] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2508] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:996] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2368] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:1656] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2928] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2932] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2220] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2536] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2396] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3076] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3080] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3084] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3088] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3092] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3096] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3100] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3104] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3108] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3112] 0000000004a01120
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3116] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3140] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3148] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3164] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3168] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3172] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3180] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3184] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3200] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3232] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3236] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3240] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3244] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3248] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3344] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3364] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3368] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3372] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3376] 0000000072301bf5
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3380] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3384] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3392] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3396] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3400] 00000000090725b8
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3404] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3408] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3412] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3416] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3424] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3428] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3432] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3436] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3440] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3720] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3724] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3728] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3732] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3736] 000000000b61bf19
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3740] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3748] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3752] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3756] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3760] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3764] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3768] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3772] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3776] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3780] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3784] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3788] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3792] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3796] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3800] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3804] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3808] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3812] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3816] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3820] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3824] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3828] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3832] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3836] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3840] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3844] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3848] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3852] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3856] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3860] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3864] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3868] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3872] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3876] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3880] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3884] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3896] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:3944] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5296] 00000000738ca4c5
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5308] 00000000090725b8
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5312] 00000000090725b8
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5336] 000000000a6affa0
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5368] 000000006e3969c0
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5372] 000000006e3969c0
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5376] 000000006e3e0060
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5388] 000000006e369fc8
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5396] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5400] 0000000072921a1a
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5404] 000000007292173f
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5408] 0000000072921a1a
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5412] 000000007292173f
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5440] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5460] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5780] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:6740] 000000006d843ce3
Thread C:\windows\SYSTEM32\ntdll.dll [2440:6164] 000000006d843ce3
Thread C:\windows\SYSTEM32\ntdll.dll [2440:6260] 000000006d843ce3
Thread C:\windows\SYSTEM32\ntdll.dll [2440:7036] 00000000090725b8
Thread C:\windows\SYSTEM32\ntdll.dll [2440:7800] 000000006d843ce3
Thread C:\windows\SYSTEM32\ntdll.dll [2440:8976] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:8984] 000000006d6af9c0
Thread C:\windows\SYSTEM32\ntdll.dll [2440:10412] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:9588] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:8048] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2816] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:10284] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:9940] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:7868] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5564] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:11120] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:6972] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:6748] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:1908] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:1192] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:6088] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:2232] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:10936] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:11172] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:8084] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:10084] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:1744] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:6344] 00000000750ac59c
Thread C:\windows\SYSTEM32\ntdll.dll [2440:7156] 0000000077ab62d0
Thread C:\windows\SYSTEM32\ntdll.dll [2440:5676] 00000000750ac59c
---- Processes - GMER 2.1 ----

Library \\?\C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\trufos.dll (*** suspicious ***) @ C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1152] (FILE NOT FOUND) 00007ff8037b0000
Library \\?\C:\Program Files\Bitdefender\Bitdefender\bdnc.dll (*** suspicious ***) @ C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1152] (FILE NOT FOUND) 00007ff8035b0000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:46) 000000006bca0000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 000000006b9a0000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 0000000067520000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368](2014-10-22 00:22:50) 000000006b8b0000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (ICU I18N DLL/The ICU Project)(2014-10-22 00:22:50) 000000004a900000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (ICU Common DLL/The ICU Project)(2014-10-22 00:22:50) 0000000004840000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (ICU Data DLL/The ICU Project)(2014-10-22 00:22:50) 00000000049c0000
Library c:\users\lauren~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptsl4es.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368](2015-01-14 08:33:39) 0000000004230000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 0000000066f90000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40) 0000000065e80000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40) 0000000065c60000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40) 00000000658d0000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:40) 000000006ac70000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368](2014-10-22 00:22:50) 000000006b6e0000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:46) 000000006aa70000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 0000000068680000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2014-10-22 00:22:38) 0000000068630000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368](2014-10-22 00:22:48) 00000000683e0000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368](2014-10-22 00:22:46) 0000000067180000
Library C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\plugins\accessible\qtaccessiblewidgets.dll (*** suspicious ***) @ C:\Users\Laurens Cleyman\AppData\Roaming\Dropbox\bin\Dropbox.exe [9368](2014-10-22 00:22:46) 0000000074ec0000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Edited by Laurens_Cleyman, 14 January 2015 - 04:32 AM.


#4 Laurens_Cleyman

Laurens_Cleyman
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:54 AM

Posted 14 January 2015 - 04:34 AM

Scan with TDSS-Killer
 
TDSSKiller.3.0.0.42_14.01.2015_10.18.47_log.txt
 
10:18:47.0903 0x1f38 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
10:18:47.0903 0x1f38 UEFI system
10:19:02.0100 0x1f38 ============================================================
10:19:02.0100 0x1f38 Current date / time: 2015/01/14 10:19:02.0100
10:19:02.0100 0x1f38 SystemInfo:
10:19:02.0100 0x1f38
10:19:02.0100 0x1f38 OS Version: 6.3.9600 ServicePack: 0.0
10:19:02.0100 0x1f38 Product type: Workstation
10:19:02.0100 0x1f38 ComputerName: LENOVO-PC
10:19:02.0100 0x1f38 UserName: Laurens Cleyman
10:19:02.0100 0x1f38 Windows directory: C:\windows
10:19:02.0100 0x1f38 System windows directory: C:\windows
10:19:02.0100 0x1f38 Running under WOW64
10:19:02.0100 0x1f38 Processor architecture: Intel x64
10:19:02.0100 0x1f38 Number of processors: 8
10:19:02.0100 0x1f38 Page size: 0x1000
10:19:02.0100 0x1f38 Boot type: Normal boot
10:19:02.0100 0x1f38 ============================================================
10:19:02.0538 0x1f38 KLMD registered as C:\windows\system32\drivers\35588723.sys
10:19:03.0412 0x1f38 System UUID: {C72C957E-86F2-2614-648E-C0899B631A04}
10:19:04.0687 0x1f38 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:19:04.0687 0x1f38 ============================================================
10:19:04.0687 0x1f38 \Device\Harddisk0\DR0:
10:19:04.0687 0x1f38 GPT partitions:
10:19:04.0687 0x1f38 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9A255CE8-6F6F-4C20-B726-CC0C6EC36E97}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
10:19:04.0687 0x1f38 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {03ECC563-0B7A-4014-8B5D-D2200FF0E630}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
10:19:04.0687 0x1f38 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {FB4D751B-57CD-48D7-8171-2C07F01203A1}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
10:19:04.0687 0x1f38 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F11FC3A8-B1C0-4F12-A1A2-8E6152183249}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
10:19:04.0687 0x1f38 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FBA7F57A-89E4-435E-9CAC-85EAF0F4472C}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F149800
10:19:04.0687 0x1f38 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C86C9EB6-1B79-4B5E-9959-223FA1949330}, Name: Basic data partition, StartLBA 0x6F5F4000, BlocksNum 0x3200000
10:19:04.0687 0x1f38 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {563CE97B-724A-422E-8082-ACAFE295B960}, Name: Basic data partition, StartLBA 0x727F4000, BlocksNum 0x1F12800
10:19:04.0687 0x1f38 MBR partitions:
10:19:04.0687 0x1f38 ============================================================
10:19:04.0702 0x1f38 C: <-> \Device\Harddisk0\DR0\Partition5
10:19:04.0734 0x1f38 D: <-> \Device\Harddisk0\DR0\Partition6
10:19:04.0734 0x1f38 ============================================================
10:19:04.0734 0x1f38 Initialize success
10:19:04.0734 0x1f38 ============================================================
10:19:10.0407 0x09d0 ============================================================
10:19:10.0407 0x09d0 Scan started
10:19:10.0407 0x09d0 Mode: Manual;
10:19:10.0407 0x09d0 ============================================================
10:19:10.0407 0x09d0 KSN ping started
10:19:12.0851 0x09d0 KSN ping finished: true
10:19:13.0945 0x09d0 ================ Scan system memory ========================
10:19:13.0945 0x09d0 System memory - ok
10:19:13.0945 0x09d0 ================ Scan services =============================
10:19:14.0055 0x09d0 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\windows\System32\drivers\1394ohci.sys
10:19:14.0055 0x09d0 1394ohci - ok
10:19:14.0101 0x09d0 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\windows\system32\drivers\3ware.sys
10:19:14.0101 0x09d0 3ware - ok
10:19:14.0124 0x09d0 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\windows\system32\drivers\ACPI.sys
10:19:14.0127 0x09d0 ACPI - ok
10:19:14.0142 0x09d0 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\windows\system32\Drivers\acpiex.sys
10:19:14.0142 0x09d0 acpiex - ok
10:19:14.0158 0x09d0 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\windows\System32\drivers\acpipagr.sys
10:19:14.0158 0x09d0 acpipagr - ok
10:19:14.0158 0x09d0 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\windows\System32\drivers\acpipmi.sys
10:19:14.0158 0x09d0 AcpiPmi - ok
10:19:14.0158 0x09d0 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\windows\System32\drivers\acpitime.sys
10:19:14.0158 0x09d0 acpitime - ok
10:19:14.0205 0x09d0 [ 561E1023BEB555A77DBEAFB83E74BA14, EBB6C4878F6D7BEF8AD861AF5F262DACE96ECCA68308E30E319CE962FC5C5F35 ] ACPIVPC C:\windows\System32\drivers\AcpiVpc.sys
10:19:14.0205 0x09d0 ACPIVPC - ok
10:19:14.0236 0x09d0 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\windows\system32\drivers\ADP80XX.SYS
10:19:14.0236 0x09d0 ADP80XX - ok
10:19:14.0283 0x09d0 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\windows\System32\aelupsvc.dll
10:19:14.0283 0x09d0 AeLookupSvc - ok
10:19:14.0330 0x09d0 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\windows\system32\drivers\afd.sys
10:19:14.0330 0x09d0 AFD - ok
10:19:14.0345 0x09d0 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\windows\system32\drivers\agp440.sys
10:19:14.0361 0x09d0 agp440 - ok
10:19:14.0377 0x09d0 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\windows\system32\DRIVERS\ahcache.sys
10:19:14.0377 0x09d0 ahcache - ok
10:19:14.0392 0x09d0 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\windows\System32\alg.exe
10:19:14.0392 0x09d0 ALG - ok
10:19:14.0408 0x09d0 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\windows\System32\drivers\amdk8.sys
10:19:14.0423 0x09d0 AmdK8 - ok
10:19:14.0423 0x09d0 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\windows\System32\drivers\amdppm.sys
10:19:14.0439 0x09d0 AmdPPM - ok
10:19:14.0455 0x09d0 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\windows\system32\drivers\amdsata.sys
10:19:14.0455 0x09d0 amdsata - ok
10:19:14.0455 0x09d0 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
10:19:14.0470 0x09d0 amdsbs - ok
10:19:14.0470 0x09d0 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\windows\system32\drivers\amdxata.sys
10:19:14.0470 0x09d0 amdxata - ok
10:19:14.0470 0x09d0 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\windows\system32\drivers\appid.sys
10:19:14.0470 0x09d0 AppID - ok
10:19:14.0502 0x09d0 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\windows\System32\appidsvc.dll
10:19:14.0502 0x09d0 AppIDSvc - ok
10:19:14.0533 0x09d0 [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\windows\System32\appinfo.dll
10:19:14.0533 0x09d0 Appinfo - ok
10:19:14.0549 0x09d0 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\windows\system32\AppReadiness.dll
10:19:14.0564 0x09d0 AppReadiness - ok
10:19:14.0595 0x09d0 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\windows\system32\appxdeploymentserver.dll
10:19:14.0611 0x09d0 AppXSvc - ok
10:19:14.0611 0x09d0 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\windows\system32\drivers\arcsas.sys
10:19:14.0611 0x09d0 arcsas - ok
10:19:14.0627 0x09d0 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\windows\system32\drivers\atapi.sys
10:19:14.0627 0x09d0 atapi - ok
10:19:14.0642 0x09d0 [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
10:19:14.0658 0x09d0 AthBTPort - ok
10:19:14.0689 0x09d0 [ A8F6E223B0E460988004556A62233EC5, 59DF8AE71EAF7C0B8F890E8B597A573079D414914E56CCC07B4716A420F66D20 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
10:19:14.0689 0x09d0 AtherosSvc - ok
10:19:14.0783 0x09d0 [ 7ABEEA176A840449BFA7A766DFE1085E, 14A6AF797AAA76531C6BBCA8D2D755017B53B68F596FBEA537E7E74329D56A51 ] athr C:\windows\system32\DRIVERS\athwbx.sys
10:19:14.0830 0x09d0 athr - ok
10:19:14.0861 0x09d0 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
10:19:14.0861 0x09d0 AudioEndpointBuilder - ok
10:19:14.0908 0x09d0 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\windows\System32\Audiosrv.dll
10:19:14.0923 0x09d0 Audiosrv - ok
10:19:14.0986 0x09d0 [ 70CCDD9BCBAA5A918A7D135E28A824E2, D98A6D7885A7E44AD32F25BECE65151773E50D3B155020A03A5801DE5A090EA3 ] avc3 C:\windows\system32\DRIVERS\avc3.sys
10:19:15.0002 0x09d0 avc3 - ok
10:19:15.0048 0x09d0 [ D0B093DDF5FD05E4D0109159E9153A52, 2F8430F4B7EECB3C9712E443460F1F9B4FA52EB123FE3B0ED63AAD88616C13A4 ] avchv C:\windows\system32\DRIVERS\avchv.sys
10:19:15.0048 0x09d0 avchv - ok
10:19:15.0064 0x09d0 [ 0956716D5565680DC83992C11BBDB2C2, 7349F32F3E8596E680EE26BB1CA97AFADB42ED1B4652859CE5E221F67371B412 ] avckf C:\windows\system32\DRIVERS\avckf.sys
10:19:15.0080 0x09d0 avckf - ok
10:19:15.0142 0x09d0 [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
10:19:15.0142 0x09d0 AVP15.0.1 - ok
10:19:15.0174 0x09d0 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\windows\System32\AxInstSV.dll
10:19:15.0174 0x09d0 AxInstSV - ok
10:19:15.0220 0x09d0 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
10:19:15.0220 0x09d0 b06bdrv - ok
10:19:15.0236 0x09d0 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\windows\System32\drivers\BasicDisplay.sys
10:19:15.0236 0x09d0 BasicDisplay - ok
10:19:15.0252 0x09d0 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\windows\System32\drivers\BasicRender.sys
10:19:15.0252 0x09d0 BasicRender - ok
10:19:15.0267 0x09d0 [ 326E77EA6E9BF27C7CD2837D65DB96C7, BDADECEFFF828BE1F77809788B1219B55F0C46BC83B17A62039C5EF71A657528 ] BazisVirtualCDBus C:\windows\System32\drivers\BazisVirtualCDBus.sys
10:19:15.0267 0x09d0 BazisVirtualCDBus - ok
10:19:15.0267 0x09d0 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\windows\System32\drivers\bcmfn2.sys
10:19:15.0267 0x09d0 bcmfn2 - ok
10:19:15.0330 0x09d0 [ 1C2B62D30100E6DC3C29B5344E73F99F, 83EE77BE98786C1B25F3E17FE79BAF9DC17855FCD4C4681A244F46956438F1D0 ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe
10:19:15.0330 0x09d0 BdDesktopParental - ok
10:19:15.0345 0x09d0 [ 3701D3BF4AC12EAACB1F58847C1D32FC, 29F3DA7E4C1706934BE92D03CB6F633C47D0251E5580958E823B6148DA5E5E73 ] bdelam C:\windows\system32\drivers\bdelam.sys
10:19:15.0345 0x09d0 bdelam - ok
10:19:15.0392 0x09d0 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\windows\System32\bdesvc.dll
10:19:15.0392 0x09d0 BDESVC - ok
10:19:15.0424 0x09d0 [ 5CE1C5BB9ABAC8871D39E7AEBD127797, E2E51A8DCD45F97041BE24B747479745BBF8D5542B1CF913F7B5405175CF85BC ] BdfNdisf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys
10:19:15.0424 0x09d0 BdfNdisf - ok
10:19:15.0455 0x09d0 [ 923E8216382E2F64EC8AADBA3C2CFFEE, 3811C5B18CEDCA3E7951950605B4A59301D5E2188E0752E26F1A1F8B868B8E13 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
10:19:15.0455 0x09d0 bdfwfpf - ok
10:19:15.0470 0x09d0 [ C0247341C1BCD7FF2742821D0AD7AFBC, EC2B246F3233302DB540394AC0F11F294CA16FB9E44110126CC9807BAC20EA35 ] bdfwfpf_pc C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys
10:19:15.0470 0x09d0 bdfwfpf_pc - ok
10:19:15.0502 0x09d0 [ C7C6393C540A1EE534BCEE74626DE987, 36FDD695E3138B31FD2FDDB5E8429C7CB5D7B5D3B8A3E7C3E7DCE2F0FF687F11 ] bdisk C:\windows\system32\DRIVERS\bdisk.sys
10:19:15.0502 0x09d0 bdisk - ok
10:19:15.0517 0x09d0 [ B9ECE7FD9F58DAF19450C88338DC5267, 9857DFE0BDDEA791F2DDA99C24A064D488B52E4AC1402A37EF22C244C9283681 ] BDSandBox C:\windows\system32\drivers\bdsandbox.sys
10:19:15.0517 0x09d0 BDSandBox - ok
10:19:15.0549 0x09d0 [ F7F20DFE87C425221D8FCE77C5ED46AC, 3AE738763DDC896E0C723C5D7D270B52CD20B52EEE81DABED2C0D311356C7F04 ] BDVEDISK C:\windows\system32\DRIVERS\bdvedisk.sys
10:19:15.0549 0x09d0 BDVEDISK - ok
10:19:15.0564 0x09d0 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\windows\system32\drivers\Beep.sys
10:19:15.0564 0x09d0 Beep - ok
10:19:15.0627 0x09d0 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\windows\System32\bfe.dll
10:19:15.0642 0x09d0 BFE - ok
10:19:15.0720 0x09d0 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\windows\System32\qmgr.dll
10:19:15.0736 0x09d0 BITS - ok
10:19:15.0767 0x09d0 [ C8F004ADA53A0784F032CF064CC5F531, 08FDAEE620E132DF954A44E21FBFDE56287B02FCCB5DDF9BEB17EE8E3530A02C ] BlackBerry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
10:19:15.0783 0x09d0 BlackBerry Device Manager - ok
10:19:15.0798 0x09d0 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\windows\system32\DRIVERS\bowser.sys
10:19:15.0814 0x09d0 bowser - ok
10:19:15.0845 0x09d0 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
10:19:15.0861 0x09d0 BrokerInfrastructure - ok
10:19:15.0892 0x09d0 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\windows\System32\browser.dll
10:19:15.0892 0x09d0 Browser - ok
10:19:15.0908 0x09d0 [ 15BE0FCECAE5BC00FB3D339D3D1CF4E4, 7F77C73404044270AA0A4C9D6BD838564B5356ACA935982390A6EA11FA653AE0 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
10:19:15.0924 0x09d0 BTATH_A2DP - ok
10:19:15.0924 0x09d0 [ 1FFA5E05F2DE32D9E65CFDA4B33D50FD, 9EC578F563A90C60F893817548195781893405AC8ED7F87C3B5F94F9842161A5 ] btath_avdt C:\windows\system32\drivers\btath_avdt.sys
10:19:15.0924 0x09d0 btath_avdt - ok
10:19:15.0939 0x09d0 [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\windows\System32\drivers\btath_bus.sys
10:19:15.0955 0x09d0 BTATH_BUS - ok
10:19:15.0970 0x09d0 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\windows\System32\drivers\btath_hcrp.sys
10:19:15.0970 0x09d0 BTATH_HCRP - ok
10:19:15.0986 0x09d0 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
10:19:15.0986 0x09d0 BTATH_LWFLT - ok
10:19:15.0986 0x09d0 [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP C:\windows\System32\drivers\btath_rcp.sys
10:19:15.0986 0x09d0 BTATH_RCP - ok
10:19:16.0017 0x09d0 [ 58DBB1384F26562111048036E7787F04, 3804BE214113B1759301E359049C0BCE5EB268AB1E028AF5089DAB5116937EF7 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
10:19:16.0017 0x09d0 BtFilter - ok
10:19:16.0033 0x09d0 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\windows\System32\drivers\BthAvrcpTg.sys
10:19:16.0048 0x09d0 BthAvrcpTg - ok
10:19:16.0064 0x09d0 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\windows\System32\drivers\BthEnum.sys
10:19:16.0064 0x09d0 BthEnum - ok
10:19:16.0080 0x09d0 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\windows\System32\drivers\bthhfenum.sys
10:19:16.0080 0x09d0 BthHFEnum - ok
10:19:16.0080 0x09d0 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\windows\System32\drivers\BthHFHid.sys
10:19:16.0080 0x09d0 bthhfhid - ok
10:19:16.0095 0x09d0 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\windows\system32\DRIVERS\BthLEEnum.sys
10:19:16.0095 0x09d0 BthLEEnum - ok
10:19:16.0111 0x09d0 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\windows\System32\drivers\bthmodem.sys
10:19:16.0111 0x09d0 BTHMODEM - ok
10:19:16.0136 0x09d0 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\windows\System32\drivers\bthpan.sys
10:19:16.0136 0x09d0 BthPan - ok
10:19:16.0199 0x09d0 [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
10:19:16.0214 0x09d0 BTHPORT - ok
10:19:16.0230 0x09d0 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\windows\system32\bthserv.dll
10:19:16.0230 0x09d0 bthserv - ok
10:19:16.0246 0x09d0 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
10:19:16.0246 0x09d0 BTHUSB - ok
10:19:16.0293 0x09d0 [ 10CDB598B555D2A06DA52A6C2D5F7DFE, 4194EF2B0CDCCAC40D2836C505226C98EA45648D66F918CFBFC2137761884E9A ] CBUFS C:\windows\system32\DRIVERS\CBUFS.sys
10:19:16.0293 0x09d0 CBUFS - ok
10:19:16.0308 0x09d0 [ 8D73FFFD9762EECF7680C4368A38B653, 128CCB95024B93912B2C4C989A6155A62AC18F5FEBE0E94F933E9848955B36DB ] cbvd C:\windows\system32\DRIVERS\cbvd.sys
10:19:16.0308 0x09d0 cbvd - ok
10:19:16.0324 0x09d0 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
10:19:16.0324 0x09d0 cdfs - ok
10:19:16.0339 0x09d0 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\windows\System32\drivers\cdrom.sys
10:19:16.0339 0x09d0 cdrom - ok
10:19:16.0355 0x09d0 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\windows\System32\certprop.dll
10:19:16.0355 0x09d0 CertPropSvc - ok
10:19:16.0402 0x09d0 [ 0FB3259B15FFAE378630087CC970A558, 82CF4F2126302E93FA2BBD471E14FF83068101145B09FD4D2649F92BFCCF093C ] CFRMD C:\windows\system32\DRIVERS\CFRMD.sys
10:19:16.0418 0x09d0 CFRMD - ok
10:19:16.0418 0x09d0 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\windows\System32\drivers\circlass.sys
10:19:16.0433 0x09d0 circlass - ok
10:19:16.0449 0x09d0 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\windows\system32\drivers\CLFS.sys
10:19:16.0449 0x09d0 CLFS - ok
10:19:16.0496 0x09d0 [ 0146690B212A627C4D6EC11775170177, 49155A9135B62DB6C188D369F9B0B6895762434E9B2546E2E6B2576E4F7BA82E ] CLKMSVC10_3A60B698 C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe
10:19:16.0496 0x09d0 CLKMSVC10_3A60B698 - ok
10:19:16.0543 0x09d0 [ AE9C1F57B66B5EFE60C065539EB7B973, 5CF7FF0C241C6C896B29366BB7E0486574588A2DC7B8E62AB06BBD8BF284D5EC ] CLPSLauncher C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
10:19:16.0543 0x09d0 CLPSLauncher - ok
10:19:16.0558 0x09d0 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\windows\System32\drivers\CmBatt.sys
10:19:16.0558 0x09d0 CmBatt - ok
10:19:16.0824 0x09d0 [ 0F28CFF8610425DF96FBB29794707959, 3FA8D13C29C79FA34A65D9E4502F09817F79DF57AF172FFDE48C147934FBBBCF ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
10:19:16.0918 0x09d0 CmdAgent - ok
10:19:16.0949 0x09d0 [ FB36A3C39AC86A9A42FEDE4A47F90FA3, C588331E31A9AF5E865B4F863F0D0689028CF1DFB9BA2FDA9FA56948FB1BC2B5 ] cmderd C:\windows\system32\DRIVERS\cmderd.sys
10:19:16.0949 0x09d0 cmderd - ok
10:19:16.0980 0x09d0 [ A6D031ABE7F98B19D1F026A7EAF8F7AE, 6EC0370C7BFEE998FA746132D8AFBCA530F2F8CEC03FA502DDE60CEF8C6149BD ] cmdGuard C:\windows\system32\DRIVERS\cmdguard.sys
10:19:16.0996 0x09d0 cmdGuard - ok
10:19:17.0027 0x09d0 [ 1EE2A1CFEB9646FB027A5A9FED67CA7D, 8C45783C3905FC884106F6902E550FA9BE791ED820D060064532231F773C5996 ] cmdhlp C:\windows\system32\DRIVERS\cmdhlp.sys
10:19:17.0027 0x09d0 cmdhlp - ok
10:19:17.0121 0x09d0 [ AB6513248071D4EA9736D504AAFD78FE, 02ECD1D8C2637004E3FD1C999CFEA3D6C07269C4F1D5C593DE58DE987554E40A ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
10:19:17.0136 0x09d0 cmdvirth - ok
10:19:17.0183 0x09d0 [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w C:\windows\system32\DRIVERS\cm_km_w.sys
10:19:17.0183 0x09d0 cm_km_w - ok
10:19:17.0230 0x09d0 [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG C:\windows\system32\Drivers\cng.sys
10:19:17.0246 0x09d0 CNG - ok
10:19:17.0261 0x09d0 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\windows\System32\drivers\CompositeBus.sys
10:19:17.0261 0x09d0 CompositeBus - ok
10:19:17.0261 0x09d0 COMSysApp - ok
10:19:17.0261 0x09d0 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\windows\system32\drivers\condrv.sys
10:19:17.0261 0x09d0 condrv - ok
10:19:17.0402 0x09d0 [ 5779731037C856ECDE96328D41742DBF, 4CB4C024C0750FE07A80FC693C78FAF03A199858C0B183E72026D3F7549D759D ] COSService.exe C:\Program Files\COMODO\COMMON\COSService.exe
10:19:17.0449 0x09d0 COSService.exe - ok
10:19:17.0527 0x09d0 [ 59C937CE0843457AA12332B5181567CB, 3097C28EF7BBF38427CBAEBF1AE5E56A232297CBE155B0FD7EC063FE1CD7C744 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
10:19:17.0543 0x09d0 cphs - ok
10:19:17.0574 0x09d0 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\windows\system32\cryptsvc.dll
10:19:17.0574 0x09d0 CryptSvc - ok
10:19:17.0605 0x09d0 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\windows\system32\drivers\dam.sys
10:19:17.0605 0x09d0 dam - ok
10:19:17.0636 0x09d0 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\windows\system32\rpcss.dll
10:19:17.0636 0x09d0 DcomLaunch - ok
10:19:17.0683 0x09d0 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\windows\System32\defragsvc.dll
10:19:17.0699 0x09d0 defragsvc - ok
10:19:17.0714 0x09d0 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\windows\system32\das.dll
10:19:17.0714 0x09d0 DeviceAssociationService - ok
10:19:17.0746 0x09d0 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\windows\system32\umpnpmgr.dll
10:19:17.0746 0x09d0 DeviceInstall - ok
10:19:17.0761 0x09d0 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\windows\system32\Drivers\dfsc.sys
10:19:17.0761 0x09d0 Dfsc - ok
10:19:17.0761 0x09d0 DgiVecp - ok
10:19:17.0812 0x09d0 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\windows\system32\dhcpcore.dll
10:19:17.0812 0x09d0 Dhcp - ok
10:19:17.0827 0x09d0 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\windows\system32\drivers\disk.sys
10:19:17.0827 0x09d0 disk - ok
10:19:17.0827 0x09d0 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\windows\System32\drivers\dmvsc.sys
10:19:17.0827 0x09d0 dmvsc - ok
10:19:17.0859 0x09d0 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\windows\System32\dnsrslvr.dll
10:19:17.0859 0x09d0 Dnscache - ok
10:19:17.0874 0x09d0 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\windows\System32\dot3svc.dll
10:19:17.0890 0x09d0 dot3svc - ok
10:19:17.0906 0x09d0 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\windows\system32\DRIVERS\Dot4.sys
10:19:17.0906 0x09d0 dot4 - ok
10:19:17.0937 0x09d0 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\windows\System32\drivers\Dot4Prt.sys
10:19:17.0937 0x09d0 Dot4Print - ok
10:19:17.0952 0x09d0 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
10:19:17.0968 0x09d0 dot4usb - ok
10:19:17.0984 0x09d0 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\windows\system32\dps.dll
10:19:17.0984 0x09d0 DPS - ok
10:19:18.0093 0x09d0 [ E4A0D0C8F17073BE392F062DD1F6B50E, 26CF71517C09B24B6F6AB5AC902FF0D1426351BCCD6AB571510C83D0F6E32FE6 ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
10:19:18.0124 0x09d0 DragonUpdater - ok
10:19:18.0149 0x09d0 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\windows\system32\drivers\drmkaud.sys
10:19:18.0149 0x09d0 drmkaud - ok
10:19:18.0164 0x09d0 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\windows\System32\DeviceSetupManager.dll
10:19:18.0164 0x09d0 DsmSvc - ok
10:19:18.0196 0x09d0 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\windows\System32\drivers\dtsoftbus01.sys
10:19:18.0211 0x09d0 dtsoftbus01 - ok
10:19:18.0274 0x09d0 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
10:19:18.0289 0x09d0 DXGKrnl - ok
10:19:18.0321 0x09d0 [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress C:\windows\system32\DRIVERS\e1i63x64.sys
10:19:18.0321 0x09d0 e1iexpress - ok
10:19:18.0352 0x09d0 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\windows\System32\eapsvc.dll
10:19:18.0352 0x09d0 Eaphost - ok
10:19:18.0430 0x09d0 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\windows\system32\drivers\evbda.sys
10:19:18.0461 0x09d0 ebdrv - ok
10:19:18.0477 0x09d0 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\windows\System32\lsass.exe
10:19:18.0477 0x09d0 EFS - ok
10:19:18.0493 0x09d0 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\windows\system32\drivers\EhStorClass.sys
10:19:18.0493 0x09d0 EhStorClass - ok
10:19:18.0508 0x09d0 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\windows\system32\drivers\EhStorTcgDrv.sys
10:19:18.0508 0x09d0 EhStorTcgDrv - ok
10:19:18.0524 0x09d0 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\windows\System32\drivers\errdev.sys
10:19:18.0524 0x09d0 ErrDev - ok
10:19:18.0539 0x09d0 [ AE2724F5DC4BD4B712DE4B7AFC165B67, 885798349F53311833527B7D701531977DD637C9BD2F1AC3B53FD57C3E6DCFE1 ] ETD C:\windows\system32\DRIVERS\ETD.sys
10:19:18.0555 0x09d0 ETD - ok
10:19:18.0571 0x09d0 [ 31F88205E21FCDCFB9DFB9DF70AB2598, 1A9523A594CF3591F8200FE15EE1DBC57157B362F185FABB95665764DE46071A ] ETDService C:\Program Files\Elantech\ETDService.exe
10:19:18.0571 0x09d0 ETDService - ok
10:19:18.0586 0x09d0 [ 55B118414B7E0C6AE26A268438CF9A27, 33EFE2965EC297AEA8EB3B7B01BE6CACB062B7CD1DC9404E6661170CCB408325 ] ETDSMBus C:\windows\system32\DRIVERS\ETDSMBus.sys
10:19:18.0586 0x09d0 ETDSMBus - ok
10:19:18.0618 0x09d0 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\windows\system32\es.dll
10:19:18.0618 0x09d0 EventSystem - ok
10:19:18.0633 0x09d0 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\windows\system32\drivers\exfat.sys
10:19:18.0633 0x09d0 exfat - ok
10:19:18.0649 0x09d0 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\windows\system32\drivers\fastfat.sys
10:19:18.0649 0x09d0 fastfat - ok
10:19:18.0680 0x09d0 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\windows\system32\fxssvc.exe
10:19:18.0696 0x09d0 Fax - ok
10:19:18.0696 0x09d0 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\windows\System32\drivers\fdc.sys
10:19:18.0696 0x09d0 fdc - ok
10:19:18.0711 0x09d0 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\windows\system32\fdPHost.dll
10:19:18.0711 0x09d0 fdPHost - ok
10:19:18.0743 0x09d0 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\windows\system32\fdrespub.dll
10:19:18.0743 0x09d0 FDResPub - ok
10:19:18.0758 0x09d0 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\windows\system32\fhsvc.dll
10:19:18.0774 0x09d0 fhsvc - ok
10:19:18.0774 0x09d0 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
10:19:18.0774 0x09d0 FileInfo - ok
10:19:18.0789 0x09d0 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\windows\system32\drivers\filetrace.sys
10:19:18.0789 0x09d0 Filetrace - ok
10:19:18.0821 0x09d0 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\windows\System32\drivers\flpydisk.sys
10:19:18.0821 0x09d0 flpydisk - ok
10:19:18.0852 0x09d0 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\windows\system32\drivers\fltmgr.sys
10:19:18.0852 0x09d0 FltMgr - ok
10:19:18.0930 0x09d0 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\windows\system32\FntCache.dll
10:19:18.0946 0x09d0 FontCache - ok
10:19:19.0008 0x09d0 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:19:19.0008 0x09d0 FontCache3.0.0.0 - ok
10:19:19.0008 0x09d0 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\windows\system32\drivers\FsDepends.sys
10:19:19.0025 0x09d0 FsDepends - ok
10:19:19.0031 0x09d0 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
10:19:19.0033 0x09d0 Fs_Rec - ok
10:19:19.0075 0x09d0 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
10:19:19.0075 0x09d0 fvevol - ok
10:19:19.0091 0x09d0 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\windows\System32\drivers\fxppm.sys
10:19:19.0091 0x09d0 FxPPM - ok
10:19:19.0106 0x09d0 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
10:19:19.0106 0x09d0 gagp30kx - ok
10:19:19.0216 0x09d0 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
10:19:19.0247 0x09d0 GeekBuddyRSP - ok
10:19:19.0263 0x09d0 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\windows\System32\drivers\vmgencounter.sys
10:19:19.0263 0x09d0 gencounter - ok
10:19:19.0299 0x09d0 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\windows\system32\Drivers\msgpioclx.sys
10:19:19.0302 0x09d0 GPIOClx0101 - ok
10:19:19.0342 0x09d0 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\windows\System32\gpsvc.dll
10:19:19.0358 0x09d0 gpsvc - ok
10:19:19.0405 0x09d0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:19:19.0405 0x09d0 gupdate - ok
10:19:19.0421 0x09d0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:19:19.0421 0x09d0 gupdatem - ok
10:19:19.0452 0x09d0 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:19:19.0452 0x09d0 gusvc - ok
10:19:19.0467 0x09d0 [ 0A9D58AABD01DA97B1D101473EFA7659, C18EA4F5BF569C230AD682A418F69B6E4209AD467BCCBDABD0515DBB582BF04B ] gzflt C:\windows\system32\DRIVERS\gzflt.sys
10:19:19.0467 0x09d0 gzflt - ok
10:19:19.0483 0x09d0 [ BDDBCFF870442B3C24C158CD53079132, 62314C296ACF1EF9EB38FB70B66B57D1BB9917C8536B39892272D172BC58A5C3 ] hcmon C:\windows\system32\drivers\hcmon.sys
10:19:19.0483 0x09d0 hcmon - ok
10:19:19.0530 0x09d0 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
10:19:19.0530 0x09d0 HdAudAddService - ok
10:19:19.0577 0x09d0 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\windows\System32\drivers\HDAudBus.sys
10:19:19.0577 0x09d0 HDAudBus - ok
10:19:19.0593 0x09d0 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\windows\System32\drivers\HidBatt.sys
10:19:19.0593 0x09d0 HidBatt - ok
10:19:19.0608 0x09d0 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\windows\System32\drivers\hidbth.sys
10:19:19.0608 0x09d0 HidBth - ok
10:19:19.0608 0x09d0 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\windows\System32\drivers\hidi2c.sys
10:19:19.0624 0x09d0 hidi2c - ok
10:19:19.0624 0x09d0 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\windows\System32\drivers\hidir.sys
10:19:19.0624 0x09d0 HidIr - ok
10:19:19.0639 0x09d0 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\windows\system32\hidserv.dll
10:19:19.0639 0x09d0 hidserv - ok
10:19:19.0655 0x09d0 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\windows\System32\drivers\hidusb.sys
10:19:19.0655 0x09d0 HidUsb - ok
10:19:19.0686 0x09d0 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\windows\system32\kmsvc.dll
10:19:19.0686 0x09d0 hkmsvc - ok
10:19:19.0702 0x09d0 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\windows\system32\ListSvc.dll
10:19:19.0702 0x09d0 HomeGroupListener - ok
10:19:19.0717 0x09d0 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\windows\system32\provsvc.dll
10:19:19.0733 0x09d0 HomeGroupProvider - ok
10:19:19.0749 0x09d0 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
10:19:19.0749 0x09d0 HpSAMD - ok
10:19:19.0780 0x09d0 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\windows\system32\drivers\HTTP.sys
10:19:19.0796 0x09d0 HTTP - ok
10:19:19.0827 0x09d0 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
10:19:19.0827 0x09d0 hwpolicy - ok
10:19:19.0843 0x09d0 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\windows\System32\drivers\hyperkbd.sys
10:19:19.0843 0x09d0 hyperkbd - ok
10:19:19.0858 0x09d0 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\windows\system32\DRIVERS\HyperVideo.sys
10:19:19.0858 0x09d0 HyperVideo - ok
10:19:19.0858 0x09d0 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\windows\System32\drivers\i8042prt.sys
10:19:19.0858 0x09d0 i8042prt - ok
10:19:19.0874 0x09d0 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\windows\System32\drivers\iaLPSSi_GPIO.sys
10:19:19.0874 0x09d0 iaLPSSi_GPIO - ok
10:19:19.0874 0x09d0 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\windows\System32\drivers\iaLPSSi_I2C.sys
10:19:19.0874 0x09d0 iaLPSSi_I2C - ok
10:19:19.0905 0x09d0 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\windows\system32\drivers\iaStorAV.sys
10:19:19.0921 0x09d0 iaStorAV - ok
10:19:19.0936 0x09d0 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
10:19:19.0936 0x09d0 iaStorV - ok
10:19:19.0952 0x09d0 IEEtwCollectorService - ok
10:19:20.0030 0x09d0 [ B12F7F8180BCD99B29AE2A6534857EA1, D095DF08A4F3510B96DE55A69ACCDEA0AACC7244447A858041D4C511835BA066 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
10:19:20.0077 0x09d0 igfx - ok
10:19:20.0108 0x09d0 [ 0CD08FECC0A3553C93F763450457BE92, AF58A2115083D6BA46097EF25CA071909674B67E5BCB9684E2732B5AB32E1AD2 ] igfxCUIService1.0.0.0 C:\windows\system32\igfxCUIService.exe
10:19:20.0108 0x09d0 igfxCUIService1.0.0.0 - ok
10:19:20.0164 0x09d0 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\windows\System32\ikeext.dll
10:19:20.0180 0x09d0 IKEEXT - ok
10:19:20.0211 0x09d0 [ 9CDECB031596B1EE348593148559DF34, 1331383ABA08F4059B2CAD17CB762CF0337262156591B8AF73C4B67C88535940 ] inspect C:\windows\system32\DRIVERS\inspect.sys
10:19:20.0211 0x09d0 inspect - ok
10:19:20.0227 0x09d0 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys
10:19:20.0227 0x09d0 intaud_WaveExtensible - ok
10:19:20.0336 0x09d0 [ 01262E2BE97708F54666E700482027DE, 7643FCFB6EBFABDD7D1A914C40FADE97DDC633C5D75BE2CADBAC61675564E5CD ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
10:19:20.0367 0x09d0 IntcAzAudAddService - ok
10:19:20.0398 0x09d0 [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
10:19:20.0414 0x09d0 IntcDAud - ok
10:19:20.0445 0x09d0 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:19:20.0445 0x09d0 Intel(R) Capability Licensing Service Interface - ok
10:19:20.0477 0x09d0 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
10:19:20.0492 0x09d0 Intel(R) Capability Licensing Service TCP IP Interface - ok
10:19:20.0523 0x09d0 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
10:19:20.0523 0x09d0 Intel(R) ME Service - ok
10:19:20.0539 0x09d0 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\windows\system32\drivers\intelide.sys
10:19:20.0539 0x09d0 intelide - ok
10:19:20.0570 0x09d0 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\windows\system32\drivers\intelpep.sys
10:19:20.0570 0x09d0 intelpep - ok
10:19:20.0586 0x09d0 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\windows\System32\drivers\intelppm.sys
10:19:20.0586 0x09d0 intelppm - ok
10:19:20.0586 0x09d0 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
10:19:20.0586 0x09d0 IpFilterDriver - ok
10:19:20.0633 0x09d0 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
10:19:20.0648 0x09d0 iphlpsvc - ok
10:19:20.0680 0x09d0 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\windows\System32\drivers\IPMIDrv.sys
10:19:20.0680 0x09d0 IPMIDRV - ok
10:19:20.0711 0x09d0 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\windows\system32\drivers\ipnat.sys
10:19:20.0711 0x09d0 IPNAT - ok
10:19:20.0727 0x09d0 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\windows\system32\drivers\irenum.sys
10:19:20.0727 0x09d0 IRENUM - ok
10:19:20.0727 0x09d0 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\windows\system32\drivers\isapnp.sys
10:19:20.0727 0x09d0 isapnp - ok
10:19:20.0758 0x09d0 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\windows\System32\drivers\msiscsi.sys
10:19:20.0773 0x09d0 iScsiPrt - ok
10:19:20.0836 0x09d0 [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
10:19:20.0836 0x09d0 iumsvc - ok
10:19:20.0836 0x09d0 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\windows\System32\drivers\iwdbus.sys
10:19:20.0836 0x09d0 iwdbus - ok
10:19:20.0867 0x09d0 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
10:19:20.0883 0x09d0 jhi_service - ok
10:19:20.0883 0x09d0 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\windows\System32\drivers\kbdclass.sys
10:19:20.0883 0x09d0 kbdclass - ok
10:19:20.0883 0x09d0 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\windows\System32\drivers\kbdhid.sys
10:19:20.0883 0x09d0 kbdhid - ok
10:19:20.0898 0x09d0 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\windows\system32\DRIVERS\kdnic.sys
10:19:20.0898 0x09d0 kdnic - ok
10:19:20.0914 0x09d0 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\windows\system32\lsass.exe
10:19:20.0914 0x09d0 KeyIso - ok
10:19:20.0961 0x09d0 [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1 C:\windows\system32\DRIVERS\kl1.sys
10:19:20.0977 0x09d0 kl1 - ok
10:19:20.0977 0x09d0 [ 37D7CBA1797D1FA2490089DA0CFF6ADA, 52CFFD075497C480291C8B816E7D56C055CCE5DA57BCA9CD6123CA9C79757C5D ] kldisk C:\windows\system32\DRIVERS\kldisk.sys
10:19:20.0977 0x09d0 kldisk - ok
10:19:20.0992 0x09d0 [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam C:\windows\system32\DRIVERS\klelam.sys
10:19:20.0992 0x09d0 klelam - ok
10:19:21.0023 0x09d0 [ 17BCA7231808182F89154B53CA006F20, 7E836029E47B97ABC363A66F0E0986C0E13094BC59A300B7207225A9830298FE ] klflt C:\windows\system32\DRIVERS\klflt.sys
10:19:21.0023 0x09d0 klflt - ok
10:19:21.0070 0x09d0 [ D65DBBAD177325E3EE2B7BC8FE5EB1D0, 7DC61EA88AE26C64BCE0EC5F0EDD4585C23BAC170D86800BA246C1F9BAD33618 ] klhk C:\windows\system32\DRIVERS\klhk.sys
10:19:21.0070 0x09d0 klhk - ok
10:19:21.0102 0x09d0 [ 34758077EBF3C97DC4A939C4614065CA, 44AF75E417C8788740AE2803EE90A772004CE9A654BCE7D660822CFDFF05B89C ] KLIF C:\windows\system32\DRIVERS\klif.sys
10:19:21.0117 0x09d0 KLIF - ok
10:19:21.0148 0x09d0 [ 753BFA638ACE05983D4C64988CC13926, FE0D2604AE845D9AC35C793E1E0523BFF7FCA396183D7FED005E4CDF29381252 ] KLIM6 C:\windows\system32\DRIVERS\klim6.sys
10:19:21.0148 0x09d0 KLIM6 - ok
10:19:21.0195 0x09d0 [ 37ADA02E498051A4D533F21096789597, 569D0D29C509695C5136D5039AACAF3CAD70FA92AB3F7FE92B6F58C0C691F3F6 ] klkbdflt C:\windows\system32\DRIVERS\klkbdflt.sys
10:19:21.0195 0x09d0 klkbdflt - ok
10:19:21.0211 0x09d0 [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\windows\system32\DRIVERS\klmouflt.sys
10:19:21.0211 0x09d0 klmouflt - ok
10:19:21.0227 0x09d0 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\windows\system32\DRIVERS\klpd.sys
10:19:21.0227 0x09d0 klpd - ok
10:19:21.0242 0x09d0 [ 04E01889D895C1321EE28BE80F7C1B0F, 85A1A3F96291E77AF8DD49DD1DF6AC550CA5BD4A585D7C0A0DBB5C11F87F0218 ] klwfp C:\windows\system32\DRIVERS\klwfp.sys
10:19:21.0242 0x09d0 klwfp - ok
10:19:21.0258 0x09d0 [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp C:\windows\system32\DRIVERS\klwtp.sys
10:19:21.0258 0x09d0 Klwtp - ok
10:19:21.0273 0x09d0 [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps C:\windows\system32\DRIVERS\kneps.sys
10:19:21.0273 0x09d0 kneps - ok
10:19:21.0289 0x09d0 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
10:19:21.0289 0x09d0 KSecDD - ok
10:19:21.0336 0x09d0 [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
10:19:21.0336 0x09d0 KSecPkg - ok
10:19:21.0336 0x09d0 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
10:19:21.0336 0x09d0 ksthunk - ok
10:19:21.0367 0x09d0 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\windows\system32\msdtckrm.dll
10:19:21.0367 0x09d0 KtmRm - ok
10:19:21.0414 0x09d0 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\windows\system32\srvsvc.dll
10:19:21.0414 0x09d0 LanmanServer - ok
10:19:21.0445 0x09d0 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
10:19:21.0445 0x09d0 LanmanWorkstation - ok
10:19:21.0461 0x09d0 [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe
10:19:21.0477 0x09d0 LenovoWiFiHotspotSvr - ok
10:19:21.0508 0x09d0 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\windows\System32\GeofenceMonitorService.dll
10:19:21.0523 0x09d0 lfsvc - ok
10:19:21.0539 0x09d0 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
10:19:21.0539 0x09d0 lltdio - ok
10:19:21.0555 0x09d0 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\windows\System32\lltdsvc.dll
10:19:21.0570 0x09d0 lltdsvc - ok
10:19:21.0570 0x09d0 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\windows\System32\lmhsvc.dll
10:19:21.0570 0x09d0 lmhosts - ok
10:19:21.0602 0x09d0 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
10:19:21.0602 0x09d0 LSI_SAS - ok
10:19:21.0617 0x09d0 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
10:19:21.0617 0x09d0 LSI_SAS2 - ok
10:19:21.0617 0x09d0 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\windows\system32\drivers\lsi_sas3.sys
10:19:21.0617 0x09d0 LSI_SAS3 - ok
10:19:21.0617 0x09d0 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\windows\system32\drivers\lsi_sss.sys
10:19:21.0633 0x09d0 LSI_SSS - ok
10:19:21.0664 0x09d0 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\windows\System32\lsm.dll
10:19:21.0664 0x09d0 LSM - ok
10:19:21.0711 0x09d0 [ B9D6F27D06565CEFF51FD012B74822CB, D6526314DC2F58745969B7132722C60DB33442CB55ADAB28E7EF64EB088E32DF ] LsvUIService C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
10:19:21.0711 0x09d0 LsvUIService - ok
10:19:21.0727 0x09d0 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\windows\system32\drivers\luafv.sys
10:19:21.0727 0x09d0 luafv - ok
10:19:21.0758 0x09d0 [ 02CF33AD83CB69A7CF8598B1CDBC11B6, 9C9C7329F0EB3B94915676E4911BCC04F2FBDFDAF0C98F605B1B5C6606554A0D ] LUService C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
10:19:21.0758 0x09d0 LUService - ok
10:19:21.0789 0x09d0 [ 562F2CD3DA6BEAE5DE37ED2E79F8F729, E2603577939356F2F54000728330613FE4A5C620FC4213B100C430AF335FD750 ] ManyCam C:\windows\system32\DRIVERS\mcvidrv.sys
10:19:21.0789 0x09d0 ManyCam - ok
10:19:21.0805 0x09d0 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
10:19:21.0820 0x09d0 MBAMProtector - ok
10:19:21.0898 0x09d0 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
10:19:21.0914 0x09d0 MBAMScheduler - ok
10:19:21.0961 0x09d0 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
10:19:21.0977 0x09d0 MBAMService - ok
10:19:21.0992 0x09d0 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\windows\system32\drivers\MBAMSwissArmy.sys
10:19:22.0008 0x09d0 MBAMSwissArmy - ok
10:19:22.0023 0x09d0 [ 9D7BFFDB5FA62B600DF1FCB4919D9D79, B610B18E25366F56A785C1BECE0EC534C836FAB0DF13E0BC3AF7A626E6CD6A5F ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
10:19:22.0023 0x09d0 MBAMWebAccessControl - ok
10:19:22.0039 0x09d0 [ 4C017AF4CBC57A36C75A270184CC86CB, F6FC22955BD047145B3E43400576530FE351AD68AA2A2EA4F80FF463435F5360 ] mcaudrv_simple C:\windows\system32\drivers\mcaudrv_x64.sys
10:19:22.0039 0x09d0 mcaudrv_simple - ok
10:19:22.0055 0x09d0 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\windows\system32\drivers\megasas.sys
10:19:22.0070 0x09d0 megasas - ok
10:19:22.0102 0x09d0 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\windows\system32\drivers\megasr.sys
10:19:22.0102 0x09d0 megasr - ok
10:19:22.0133 0x09d0 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\windows\system32\DRIVERS\TeeDriverx64.sys
10:19:22.0133 0x09d0 MEIx64 - ok
10:19:22.0148 0x09d0 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\windows\system32\mmcss.dll
10:19:22.0148 0x09d0 MMCSS - ok
10:19:22.0173 0x09d0 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\windows\system32\drivers\modem.sys
10:19:22.0173 0x09d0 Modem - ok
10:19:22.0188 0x09d0 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\windows\System32\drivers\monitor.sys
10:19:22.0188 0x09d0 monitor - ok
10:19:22.0188 0x09d0 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\windows\System32\drivers\mouclass.sys
10:19:22.0188 0x09d0 mouclass - ok
10:19:22.0188 0x09d0 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\windows\System32\drivers\mouhid.sys
10:19:22.0188 0x09d0 mouhid - ok
10:19:22.0204 0x09d0 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\windows\system32\drivers\mountmgr.sys
10:19:22.0204 0x09d0 mountmgr - ok
10:19:22.0204 0x09d0 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
10:19:22.0204 0x09d0 mpsdrv - ok
10:19:22.0235 0x09d0 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\windows\system32\mpssvc.dll
10:19:22.0251 0x09d0 MpsSvc - ok
10:19:22.0282 0x09d0 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
10:19:22.0282 0x09d0 MRxDAV - ok
10:19:22.0313 0x09d0 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
10:19:22.0329 0x09d0 mrxsmb - ok
10:19:22.0360 0x09d0 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
10:19:22.0360 0x09d0 mrxsmb10 - ok
10:19:22.0376 0x09d0 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
10:19:22.0376 0x09d0 mrxsmb20 - ok
10:19:22.0407 0x09d0 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\windows\system32\DRIVERS\bridge.sys
10:19:22.0423 0x09d0 MsBridge - ok
10:19:22.0438 0x09d0 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\windows\System32\msdtc.exe
10:19:22.0438 0x09d0 MSDTC - ok
10:19:22.0454 0x09d0 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\windows\system32\drivers\Msfs.sys
10:19:22.0470 0x09d0 Msfs - ok
10:19:22.0485 0x09d0 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\windows\System32\drivers\msgpiowin32.sys
10:19:22.0485 0x09d0 msgpiowin32 - ok
10:19:22.0501 0x09d0 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
10:19:22.0501 0x09d0 mshidkmdf - ok
10:19:22.0517 0x09d0 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\windows\System32\drivers\mshidumdf.sys
10:19:22.0517 0x09d0 mshidumdf - ok
10:19:22.0532 0x09d0 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
10:19:22.0532 0x09d0 msisadrv - ok
10:19:22.0563 0x09d0 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\windows\system32\iscsiexe.dll
10:19:22.0563 0x09d0 MSiSCSI - ok
10:19:22.0563 0x09d0 msiserver - ok
10:19:22.0579 0x09d0 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
10:19:22.0579 0x09d0 MSKSSRV - ok
10:19:22.0610 0x09d0 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\windows\system32\DRIVERS\mslldp.sys
10:19:22.0610 0x09d0 MsLldp - ok
10:19:22.0626 0x09d0 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
10:19:22.0626 0x09d0 MSPCLOCK - ok
10:19:22.0626 0x09d0 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
10:19:22.0641 0x09d0 MSPQM - ok
10:19:22.0657 0x09d0 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\windows\system32\drivers\MsRPC.sys
10:19:22.0657 0x09d0 MsRPC - ok
10:19:22.0657 0x09d0 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\windows\System32\drivers\mssmbios.sys
10:19:22.0673 0x09d0 mssmbios - ok
10:19:22.0751 0x09d0 [ 3AE13C9869B7CE1135BCF21C0AAA68ED, 3E917376199B13523DFB4FCC445583D9DF0606AD0A6A02B111D8A3EE6B71E117 ] MSSQLSERVER c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
10:19:22.0751 0x09d0 MSSQLSERVER - ok
10:19:22.0782 0x09d0 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
10:19:22.0782 0x09d0 MSTEE - ok
10:19:22.0798 0x09d0 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\windows\System32\drivers\MTConfig.sys
10:19:22.0798 0x09d0 MTConfig - ok
10:19:22.0798 0x09d0 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\windows\system32\Drivers\mup.sys
10:19:22.0798 0x09d0 Mup - ok
10:19:22.0813 0x09d0 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\windows\system32\drivers\mvumis.sys
10:19:22.0813 0x09d0 mvumis - ok
10:19:22.0845 0x09d0 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\windows\system32\qagentRT.dll
10:19:22.0860 0x09d0 napagent - ok
10:19:22.0892 0x09d0 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
10:19:22.0907 0x09d0 NativeWifiP - ok
10:19:22.0923 0x09d0 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\windows\System32\ncasvc.dll
10:19:22.0938 0x09d0 NcaSvc - ok
10:19:22.0954 0x09d0 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\windows\System32\ncbservice.dll
10:19:22.0954 0x09d0 NcbService - ok
10:19:22.0954 0x09d0 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\windows\System32\NcdAutoSetup.dll
10:19:22.0954 0x09d0 NcdAutoSetup - ok
10:19:23.0016 0x09d0 [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\windows\system32\drivers\ndis.sys
10:19:23.0032 0x09d0 NDIS - ok
10:19:23.0048 0x09d0 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
10:19:23.0063 0x09d0 NdisCap - ok
10:19:23.0095 0x09d0 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\windows\system32\DRIVERS\NdisImPlatform.sys
10:19:23.0095 0x09d0 NdisImPlatform - ok
10:19:23.0110 0x09d0 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
10:19:23.0110 0x09d0 NdisTapi - ok
10:19:23.0126 0x09d0 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
10:19:23.0126 0x09d0 Ndisuio - ok
10:19:23.0126 0x09d0 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\windows\System32\drivers\NdisVirtualBus.sys
10:19:23.0126 0x09d0 NdisVirtualBus - ok
10:19:23.0157 0x09d0 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
10:19:23.0157 0x09d0 NdisWan - ok
10:19:23.0157 0x09d0 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\windows\system32\DRIVERS\ndiswan.sys
10:19:23.0173 0x09d0 NdisWanLegacy - ok
10:19:23.0188 0x09d0 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
10:19:23.0188 0x09d0 NDProxy - ok
10:19:23.0188 0x09d0 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\windows\system32\drivers\Ndu.sys
10:19:23.0204 0x09d0 Ndu - ok
10:19:23.0204 0x09d0 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
10:19:23.0204 0x09d0 NetBIOS - ok
10:19:23.0204 0x09d0 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
10:19:23.0220 0x09d0 NetBT - ok
10:19:23.0235 0x09d0 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\windows\system32\lsass.exe
10:19:23.0235 0x09d0 Netlogon - ok
10:19:23.0251 0x09d0 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\windows\System32\netman.dll
10:19:23.0251 0x09d0 Netman - ok
10:19:23.0266 0x09d0 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\windows\System32\netprofmsvc.dll
10:19:23.0282 0x09d0 netprofm - ok
10:19:23.0313 0x09d0 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:19:23.0313 0x09d0 NetTcpPortSharing - ok
10:19:23.0329 0x09d0 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\windows\system32\DRIVERS\netvsc63.sys
10:19:23.0329 0x09d0 netvsc - ok
10:19:23.0454 0x09d0 [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64 C:\windows\system32\DRIVERS\NETwew02.sys
10:19:23.0501 0x09d0 NETwNe64 - ok
10:19:23.0579 0x09d0 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\windows\System32\nlasvc.dll
10:19:23.0579 0x09d0 NlaSvc - ok
10:19:23.0595 0x09d0 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\windows\system32\drivers\Npfs.sys
10:19:23.0595 0x09d0 Npfs - ok
10:19:23.0610 0x09d0 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\windows\System32\drivers\npsvctrig.sys
10:19:23.0610 0x09d0 npsvctrig - ok
10:19:23.0626 0x09d0 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\windows\system32\nsisvc.dll
10:19:23.0641 0x09d0 nsi - ok
10:19:23.0641 0x09d0 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
10:19:23.0641 0x09d0 nsiproxy - ok
10:19:23.0720 0x09d0 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
10:19:23.0735 0x09d0 Ntfs - ok
10:19:23.0751 0x09d0 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\windows\system32\drivers\Null.sys
10:19:23.0751 0x09d0 Null - ok
10:19:24.0017 0x09d0 [ DFEFDD04E890DEC30EFBFC6A89504A6D, 8CD87C5F44AC80DE2E9BBB23149EBFF3BF221BADE0935EC52D948B8CFB519EBA ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
10:19:24.0173 0x09d0 nvlddmkm - ok
10:19:24.0246 0x09d0 [ 6F5D2728019DCE7BFF3BAC1885CC0449, D62ECFE384361F04E6AF446CBB8CF64A58556AEFC0E04204F81073B016960EB8 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
10:19:24.0262 0x09d0 NvNetworkService - ok
10:19:24.0293 0x09d0 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\windows\system32\drivers\nvraid.sys
10:19:24.0293 0x09d0 nvraid - ok
10:19:24.0293 0x09d0 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\windows\system32\drivers\nvstor.sys
10:19:24.0309 0x09d0 nvstor - ok
10:19:24.0668 0x09d0 [ F9C2484E42EDB56E1FFE8378DA3AA778, FB200D950A3BC92B5207A31E9B8255F1DA3989F2DEA160FB653AD1D283FFBFC4 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
10:19:24.0856 0x09d0 NvStreamSvc - ok
10:19:24.0918 0x09d0 [ FFA830CDD57B31B671A025EEF0114030, A1F76EF463263F7D174F6CB674E314719DE0F8CACA580FFD3E74697B1FBFD3CC ] nvsvc C:\windows\system32\nvvsvc.exe
10:19:24.0934 0x09d0 nvsvc - ok
10:19:24.0965 0x09d0 [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\windows\system32\drivers\nvvad64v.sys
10:19:24.0965 0x09d0 nvvad_WaveExtensible - ok
10:19:24.0981 0x09d0 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
10:19:24.0981 0x09d0 nv_agp - ok
10:19:25.0012 0x09d0 [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:19:25.0028 0x09d0 ose64 - ok
10:19:25.0043 0x09d0 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
10:19:25.0059 0x09d0 p2pimsvc - ok
10:19:25.0090 0x09d0 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\windows\system32\p2psvc.dll
10:19:25.0090 0x09d0 p2psvc - ok
10:19:25.0122 0x09d0 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\windows\System32\drivers\parport.sys
10:19:25.0122 0x09d0 Parport - ok
10:19:25.0137 0x09d0 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\windows\system32\drivers\partmgr.sys
10:19:25.0137 0x09d0 partmgr - ok
10:19:25.0153 0x09d0 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\windows\System32\pcasvc.dll
10:19:25.0153 0x09d0 PcaSvc - ok
10:19:25.0200 0x09d0 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\windows\system32\drivers\pci.sys
10:19:25.0200 0x09d0 pci - ok
10:19:25.0231 0x09d0 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\windows\system32\drivers\pciide.sys
10:19:25.0231 0x09d0 pciide - ok
10:19:25.0247 0x09d0 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\windows\system32\drivers\pcmcia.sys
10:19:25.0262 0x09d0 pcmcia - ok
10:19:25.0262 0x09d0 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\windows\system32\drivers\pcw.sys
10:19:25.0262 0x09d0 pcw - ok
10:19:25.0293 0x09d0 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\windows\system32\drivers\pdc.sys
10:19:25.0309 0x09d0 pdc - ok
10:19:25.0325 0x09d0 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\windows\system32\drivers\peauth.sys
10:19:25.0325 0x09d0 PEAUTH - ok
10:19:25.0418 0x09d0 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\windows\SysWow64\perfhost.exe
10:19:25.0418 0x09d0 PerfHost - ok
10:19:25.0450 0x09d0 [ 97DB32ACBE84B955C89C2DF41B549DFC, FB5F9690DB1ABFA4C7662D1518E45E72EBAEE0B01DC21B6FAB3B0545D76E1510 ] PhoneCompanionPusher C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
10:19:25.0450 0x09d0 PhoneCompanionPusher - ok
10:19:25.0465 0x09d0 [ 161D523390AC616641BD05BC4F31C435, 134D31EC8F5CC8A979910F822D253351A48CFC54FA37DA6E90D35E73EFC5331A ] PhoneCompanionVap C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
10:19:25.0465 0x09d0 PhoneCompanionVap - ok
10:19:25.0512 0x09d0 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\windows\system32\pla.dll
10:19:25.0528 0x09d0 pla - ok
10:19:25.0559 0x09d0 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\windows\system32\umpnpmgr.dll
10:19:25.0559 0x09d0 PlugPlay - ok
10:19:25.0575 0x09d0 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
10:19:25.0575 0x09d0 PNRPAutoReg - ok
10:19:25.0590 0x09d0 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
10:19:25.0590 0x09d0 PNRPsvc - ok
10:19:25.0622 0x09d0 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
10:19:25.0637 0x09d0 PolicyAgent - ok
10:19:25.0637 0x09d0 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\windows\system32\umpo.dll
10:19:25.0653 0x09d0 Power - ok
10:19:25.0762 0x09d0 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll
10:19:25.0809 0x09d0 PrintNotify - ok
10:19:25.0840 0x09d0 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\windows\System32\drivers\processr.sys
10:19:25.0840 0x09d0 Processor - ok
10:19:25.0856 0x09d0 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\windows\system32\profsvc.dll
10:19:25.0856 0x09d0 ProfSvc - ok
10:19:25.0887 0x09d0 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\windows\system32\DRIVERS\pacer.sys
10:19:25.0887 0x09d0 Psched - ok
10:19:25.0923 0x09d0 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\windows\system32\qwave.dll
10:19:25.0924 0x09d0 QWAVE - ok
10:19:25.0940 0x09d0 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
10:19:25.0940 0x09d0 QWAVEdrv - ok
10:19:25.0955 0x09d0 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
10:19:25.0955 0x09d0 RasAcd - ok
10:19:25.0971 0x09d0 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\windows\System32\rasauto.dll
10:19:25.0971 0x09d0 RasAuto - ok
10:19:25.0986 0x09d0 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\windows\System32\rasmans.dll
10:19:26.0002 0x09d0 RasMan - ok
10:19:26.0002 0x09d0 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
10:19:26.0002 0x09d0 RasPppoe - ok
10:19:26.0018 0x09d0 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
10:19:26.0018 0x09d0 rdbss - ok
10:19:26.0033 0x09d0 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\windows\System32\drivers\rdpbus.sys
10:19:26.0033 0x09d0 rdpbus - ok
10:19:26.0033 0x09d0 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\windows\system32\drivers\rdpdr.sys
10:19:26.0033 0x09d0 RDPDR - ok
10:19:26.0064 0x09d0 [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
10:19:26.0064 0x09d0 RdpVideoMiniport - ok
10:19:26.0080 0x09d0 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
10:19:26.0080 0x09d0 rdyboost - ok
10:19:26.0111 0x09d0 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\windows\system32\drivers\ReFS.sys
10:19:26.0127 0x09d0 ReFS - ok
10:19:26.0143 0x09d0 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\windows\System32\mprdim.dll
10:19:26.0158 0x09d0 RemoteAccess - ok
10:19:26.0186 0x09d0 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\windows\system32\regsvc.dll
10:19:26.0186 0x09d0 RemoteRegistry - ok
10:19:26.0233 0x09d0 [ D7F279E28D757821232E7AF1DFDC57BA, 4E4E1E0E968085E76C6696F0A2673368D07CF23968A5901F843EB396E6CEC68E ] Reparse C:\windows\system32\DRIVERS\CBReparse.sys
10:19:26.0233 0x09d0 Reparse - ok
10:19:26.0264 0x09d0 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\windows\System32\drivers\rfcomm.sys
10:19:26.0264 0x09d0 RFCOMM - ok
10:19:26.0311 0x09d0 [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
10:19:26.0327 0x09d0 RichVideo64 - ok
10:19:26.0389 0x09d0 [ A194BD067C8C47502A4CC1FA7FDF5137, D2005000016C31FA29D1AE12BF6E79C6A39F0F2A8734F89FBAF98CBD19AB7680 ] RIM MDNS C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
10:19:26.0389 0x09d0 RIM MDNS - ok
10:19:26.0421 0x09d0 [ 47F34502CB8B77DBAA5C986C6EF94713, FCB9EC1D8C509DBC625084C4A8F735C8C1F8273C601F9B898F31D045A127E2AA ] RIM Tunnel Service C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
10:19:26.0436 0x09d0 RIM Tunnel Service - ok
10:19:26.0467 0x09d0 [ 13D2E03E86B34C21D108770E0B5115BB, 8A1695188DD69C377C3B3BEC0B07F5D0F4D19651D7D984BD91F0D78E6B630CC6 ] RimUsb C:\windows\System32\Drivers\RimUsb_AMD64.sys
10:19:26.0483 0x09d0 RimUsb - ok
10:19:26.0483 0x09d0 [ A8C0368EF257B84D4E5A174FB999F7D2, D2B4FCD6B4BBA9DEBFAF24629E518211E913BC9B4D07F72BA5DA99CF4DCA6ABB ] rimvndis C:\windows\System32\Drivers\rimvndis6_AMD64.sys
10:19:26.0499 0x09d0 rimvndis - ok
10:19:26.0514 0x09d0 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
10:19:26.0514 0x09d0 RpcEptMapper - ok
10:19:26.0546 0x09d0 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\windows\system32\locator.exe
10:19:26.0546 0x09d0 RpcLocator - ok
10:19:26.0561 0x09d0 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\windows\system32\rpcss.dll
10:19:26.0561 0x09d0 RpcSs - ok
10:19:26.0608 0x09d0 [ 5AA85332CB1694871B2F0704E0FC9113, 18E11C4E966DEE53FA0E482C55769A35C6C746EB3347DF171A1978D22BC7990B ] RsFx0200 C:\windows\system32\DRIVERS\RsFx0200.sys
10:19:26.0608 0x09d0 RsFx0200 - ok
10:19:26.0639 0x09d0 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
10:19:26.0639 0x09d0 rspndr - ok
10:19:26.0655 0x09d0 [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168 C:\windows\system32\DRIVERS\Rt630x64.sys
10:19:26.0671 0x09d0 RTL8168 - ok
10:19:26.0686 0x09d0 [ 8461757DDDCA99CCB6B97AE3EC3405EC, 15D96ADCE5171BC02845FE3A0209BDD8610B7EC43242FDF61071C7C74B28D808 ] RTSPER C:\windows\system32\DRIVERS\RtsPer.sys
10:19:26.0702 0x09d0 RTSPER - ok
10:19:26.0905 0x09d0 [ 6EA6AC66600E01E55FFB69AE53EE1553, 81ADE4CA618C5229DC241F10711578633093E1E43739AA6726923D9E6D27A0BE ] rtsuvc C:\windows\system32\DRIVERS\rtsuvc.sys
10:19:27.0014 0x09d0 rtsuvc - ok
10:19:27.0030 0x09d0 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\windows\System32\drivers\vms3cap.sys
10:19:27.0030 0x09d0 s3cap - ok
10:19:27.0046 0x09d0 [ E228C336F195FA629D00B02F9FFC5667, 114F562882EF2A439EC4783029A977A53588F3870AED158B46F8DA51B4CB2715 ] SafeBox C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
10:19:27.0046 0x09d0 SafeBox - ok
10:19:27.0077 0x09d0 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\windows\system32\lsass.exe
10:19:27.0077 0x09d0 SamSs - ok
10:19:27.0092 0x09d0 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
10:19:27.0092 0x09d0 sbp2port - ok
10:19:27.0108 0x09d0 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\windows\System32\SCardSvr.dll
10:19:27.0108 0x09d0 SCardSvr - ok
10:19:27.0124 0x09d0 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\windows\System32\ScDeviceEnum.dll
10:19:27.0124 0x09d0 ScDeviceEnum - ok
10:19:27.0139 0x09d0 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
10:19:27.0139 0x09d0 scfilter - ok
10:19:27.0186 0x09d0 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\windows\system32\schedsvc.dll
10:19:27.0202 0x09d0 Schedule - ok
10:19:27.0217 0x09d0 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\windows\System32\certprop.dll
10:19:27.0217 0x09d0 SCPolicySvc - ok
10:19:27.0264 0x09d0 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\windows\System32\drivers\sdbus.sys
10:19:27.0264 0x09d0 sdbus - ok
10:19:27.0280 0x09d0 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\windows\System32\drivers\sdstor.sys
10:19:27.0280 0x09d0 sdstor - ok
10:19:27.0296 0x09d0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
10:19:27.0296 0x09d0 secdrv - ok
10:19:27.0311 0x09d0 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\windows\system32\seclogon.dll
10:19:27.0311 0x09d0 seclogon - ok
10:19:27.0327 0x09d0 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\windows\System32\sens.dll
10:19:27.0342 0x09d0 SENS - ok
10:19:27.0358 0x09d0 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\windows\system32\sensrsvc.dll
10:19:27.0358 0x09d0 SensrSvc - ok
10:19:27.0374 0x09d0 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\windows\system32\drivers\SerCx.sys
10:19:27.0374 0x09d0 SerCx - ok
10:19:27.0405 0x09d0 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\windows\system32\drivers\SerCx2.sys
10:19:27.0405 0x09d0 SerCx2 - ok
10:19:27.0405 0x09d0 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\windows\System32\drivers\serenum.sys
10:19:27.0405 0x09d0 Serenum - ok
10:19:27.0421 0x09d0 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\windows\System32\drivers\serial.sys
10:19:27.0421 0x09d0 Serial - ok
10:19:27.0436 0x09d0 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\windows\System32\drivers\sermouse.sys
10:19:27.0436 0x09d0 sermouse - ok
10:19:27.0483 0x09d0 [ 0CBE2081CAC41BD0093AF69E167B6559, D446B1B31B823875E0536CA8A2F784093B0DA77A875FB0F2D5EABB6DE711CFFC ] Service KMSELDI C:\Program Files\KMSpico\Service_KMS.exe
10:19:27.0483 0x09d0 Service KMSELDI - ok
10:19:27.0499 0x09d0 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\windows\system32\sessenv.dll
10:19:27.0514 0x09d0 SessionEnv - ok
10:19:27.0514 0x09d0 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\windows\System32\drivers\sfloppy.sys
10:19:27.0514 0x09d0 sfloppy - ok
10:19:27.0530 0x09d0 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\windows\System32\ipnathlp.dll
10:19:27.0546 0x09d0 SharedAccess - ok
10:19:27.0577 0x09d0 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\windows\System32\shsvcs.dll
10:19:27.0592 0x09d0 ShellHWDetection - ok
10:19:27.0592 0x09d0 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
10:19:27.0608 0x09d0 SiSRaid2 - ok
10:19:27.0624 0x09d0 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
10:19:27.0624 0x09d0 SiSRaid4 - ok
10:19:27.0655 0x09d0 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\windows\System32\smphost.dll
10:19:27.0655 0x09d0 smphost - ok
10:19:27.0671 0x09d0 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\windows\System32\snmptrap.exe
10:19:27.0671 0x09d0 SNMPTRAP - ok
10:19:27.0717 0x09d0 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\windows\system32\drivers\spaceport.sys
10:19:27.0717 0x09d0 spaceport - ok
10:19:27.0733 0x09d0 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\windows\system32\drivers\SpbCx.sys
10:19:27.0733 0x09d0 SpbCx - ok
10:19:27.0764 0x09d0 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\windows\System32\spoolsv.exe
10:19:27.0764 0x09d0 Spooler - ok
10:19:27.0905 0x09d0 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\windows\system32\sppsvc.exe
10:19:27.0983 0x09d0 sppsvc - ok
10:19:28.0077 0x09d0 [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:19:28.0092 0x09d0 SQLBrowser - ok
10:19:28.0190 0x09d0 [ B70FAF0C7C5737AA6973E14B45477730, 48D835D64D36A46BD2ED6080A0D733B92960DA3EA459005F536587BB19B16A7E ] SQLSERVERAGENT c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
10:19:28.0196 0x09d0 SQLSERVERAGENT - ok
10:19:28.0227 0x09d0 [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:19:28.0227 0x09d0 SQLWriter - ok
10:19:28.0274 0x09d0 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\windows\system32\DRIVERS\srv.sys
10:19:28.0274 0x09d0 srv - ok
10:19:28.0336 0x09d0 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
10:19:28.0336 0x09d0 srv2 - ok
10:19:28.0383 0x09d0 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
10:19:28.0383 0x09d0 srvnet - ok
10:19:28.0399 0x09d0 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
10:19:28.0414 0x09d0 SSDPSRV - ok
10:19:28.0414 0x09d0 SSPORT - ok
10:19:28.0414 0x09d0 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\windows\system32\sstpsvc.dll
10:19:28.0430 0x09d0 SstpSvc - ok
10:19:28.0430 0x09d0 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\windows\system32\drivers\stexstor.sys
10:19:28.0446 0x09d0 stexstor - ok
10:19:28.0461 0x09d0 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\windows\System32\wiaservc.dll
10:19:28.0477 0x09d0 stisvc - ok
10:19:28.0493 0x09d0 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\windows\system32\drivers\storahci.sys
10:19:28.0493 0x09d0 storahci - ok
10:19:28.0508 0x09d0 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\windows\system32\DRIVERS\vmstorfl.sys
10:19:28.0508 0x09d0 storflt - ok
10:19:28.0508 0x09d0 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\windows\system32\drivers\stornvme.sys
10:19:28.0508 0x09d0 stornvme - ok
10:19:28.0524 0x09d0 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\windows\system32\storsvc.dll
10:19:28.0539 0x09d0 StorSvc - ok
10:19:28.0555 0x09d0 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\windows\system32\drivers\storvsc.sys
10:19:28.0555 0x09d0 storvsc - ok
10:19:28.0571 0x09d0 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\windows\system32\svsvc.dll
10:19:28.0571 0x09d0 svsvc - ok
10:19:28.0571 0x09d0 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\windows\System32\drivers\swenum.sys
10:19:28.0571 0x09d0 swenum - ok
10:19:28.0664 0x09d0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:19:28.0664 0x09d0 SwitchBoard - ok
10:19:28.0711 0x09d0 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\windows\System32\swprv.dll
10:19:28.0727 0x09d0 swprv - ok
10:19:28.0868 0x09d0 [ C6F59E545B2BC2E1CF858C45B10B8BAD, 475AC54FF101B627747C43EE466E04C7479C405E8FC1EDE3CEA049AF0C5DDC89 ] SynchronizationService.exe C:\Program Files\COMODO\COMMON\SynchronizationService.exe
10:19:28.0899 0x09d0 SynchronizationService.exe - ok
10:19:28.0930 0x09d0 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\windows\system32\sysmain.dll
10:19:28.0946 0x09d0 SysMain - ok
10:19:29.0008 0x09d0 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
10:19:29.0024 0x09d0 SystemEventsBroker - ok
10:19:29.0039 0x09d0 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\windows\System32\TabSvc.dll
10:19:29.0039 0x09d0 TabletInputService - ok
10:19:29.0055 0x09d0 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\windows\System32\tapisrv.dll
10:19:29.0055 0x09d0 TapiSrv - ok
10:19:29.0155 0x09d0 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\windows\system32\drivers\tcpip.sys
10:19:29.0196 0x09d0 Tcpip - ok
10:19:29.0263 0x09d0 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
10:19:29.0295 0x09d0 TCPIP6 - ok
10:19:29.0310 0x09d0 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
10:19:29.0310 0x09d0 tcpipreg - ok
10:19:29.0326 0x09d0 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\windows\system32\DRIVERS\tdx.sys
10:19:29.0326 0x09d0 tdx - ok
10:19:29.0326 0x09d0 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\windows\System32\drivers\terminpt.sys
10:19:29.0342 0x09d0 terminpt - ok
10:19:29.0373 0x09d0 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\windows\System32\termsrv.dll
10:19:29.0388 0x09d0 TermService - ok
10:19:29.0388 0x09d0 TESHelper - ok
10:19:29.0420 0x09d0 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\windows\system32\themeservice.dll
10:19:29.0420 0x09d0 Themes - ok
10:19:29.0435 0x09d0 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\windows\system32\mmcss.dll
10:19:29.0435 0x09d0 THREADORDER - ok
10:19:29.0451 0x09d0 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\windows\System32\TimeBrokerServer.dll
10:19:29.0451 0x09d0 TimeBroker - ok
10:19:29.0498 0x09d0 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\windows\system32\drivers\tpm.sys
10:19:29.0498 0x09d0 TPM - ok
10:19:29.0498 0x09d0 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\windows\System32\trkwks.dll
10:19:29.0513 0x09d0 TrkWks - ok
10:19:29.0545 0x09d0 [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] trufos C:\windows\system32\DRIVERS\trufos.sys
10:19:29.0560 0x09d0 trufos - ok
10:19:29.0592 0x09d0 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
10:19:29.0592 0x09d0 TrustedInstaller - ok
10:19:29.0607 0x09d0 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
10:19:29.0607 0x09d0 TsUsbFlt - ok
10:19:29.0623 0x09d0 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys
10:19:29.0623 0x09d0 TsUsbGD - ok
10:19:29.0638 0x09d0 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
10:19:29.0638 0x09d0 tunnel - ok
10:19:29.0638 0x09d0 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\windows\system32\drivers\uagp35.sys
10:19:29.0654 0x09d0 uagp35 - ok
10:19:29.0670 0x09d0 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\windows\System32\drivers\uaspstor.sys
10:19:29.0670 0x09d0 UASPStor - ok
10:19:29.0670 0x09d0 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\windows\System32\drivers\ucx01000.sys
10:19:29.0670 0x09d0 UCX01000 - ok
10:19:29.0701 0x09d0 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\windows\system32\DRIVERS\udfs.sys
10:19:29.0701 0x09d0 udfs - ok
10:19:29.0701 0x09d0 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\windows\System32\drivers\UEFI.sys
10:19:29.0701 0x09d0 UEFI - ok
10:19:29.0732 0x09d0 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\windows\system32\UI0Detect.exe
10:19:29.0732 0x09d0 UI0Detect - ok
10:19:29.0748 0x09d0 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
10:19:29.0748 0x09d0 uliagpkx - ok
10:19:29.0748 0x09d0 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\windows\System32\drivers\umbus.sys
10:19:29.0748 0x09d0 umbus - ok
10:19:29.0763 0x09d0 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\windows\System32\drivers\umpass.sys
10:19:29.0763 0x09d0 UmPass - ok
10:19:29.0779 0x09d0 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\windows\System32\umrdp.dll
10:19:29.0779 0x09d0 UmRdpService - ok
10:19:29.0826 0x09d0 [ B239FDC885A77E4D5FB93AD1BA2A80EC, EA4D6DF359FD9BD6465C44D718638ECF2F68F163F44F72B1897065012FBF7426 ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
10:19:29.0826 0x09d0 UPDATESRV - ok
10:19:29.0842 0x09d0 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\windows\System32\upnphost.dll
10:19:29.0842 0x09d0 upnphost - ok
10:19:29.0873 0x09d0 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\windows\System32\drivers\usbccgp.sys
10:19:29.0873 0x09d0 usbccgp - ok
10:19:29.0904 0x09d0 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\windows\System32\drivers\usbcir.sys
10:19:29.0904 0x09d0 usbcir - ok
10:19:29.0935 0x09d0 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\windows\System32\drivers\usbehci.sys
10:19:29.0951 0x09d0 usbehci - ok
10:19:29.0982 0x09d0 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\windows\System32\drivers\usbhub.sys
10:19:29.0982 0x09d0 usbhub - ok
10:19:30.0013 0x09d0 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\windows\System32\drivers\UsbHub3.sys
10:19:30.0013 0x09d0 USBHUB3 - ok
10:19:30.0060 0x09d0 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\windows\System32\drivers\usbohci.sys
10:19:30.0060 0x09d0 usbohci - ok
10:19:30.0060 0x09d0 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\windows\System32\drivers\usbprint.sys
10:19:30.0060 0x09d0 usbprint - ok
10:19:30.0092 0x09d0 [ F3F90825C416B264D016AA9D02C244C4, EEBB594BFF2FB52521995211858C9DB90CD317C5C0E2FB61BF837078BC438FD3 ] usbrndis6 C:\windows\system32\DRIVERS\usb80236.sys
10:19:30.0092 0x09d0 usbrndis6 - ok
10:19:30.0115 0x09d0 [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
10:19:30.0130 0x09d0 usbscan - ok
10:19:30.0155 0x09d0 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\windows\System32\drivers\USBSTOR.SYS
10:19:30.0155 0x09d0 USBSTOR - ok
10:19:30.0197 0x09d0 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\windows\System32\drivers\usbuhci.sys
10:19:30.0198 0x09d0 usbuhci - ok
10:19:30.0217 0x09d0 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
10:19:30.0217 0x09d0 usbvideo - ok
10:19:30.0233 0x09d0 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\windows\System32\drivers\USBXHCI.SYS
10:19:30.0233 0x09d0 USBXHCI - ok
10:19:30.0248 0x09d0 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\windows\system32\lsass.exe
10:19:30.0248 0x09d0 VaultSvc - ok
10:19:30.0311 0x09d0 [ 95717FCA60876284568B5CD476A59C41, 9A360985F072448A89890ACC5DD2155DDA0FD1EC2FFAC4697F0CFE60548CC980 ] VBoxNetAdp C:\windows\system32\DRIVERS\VBoxNetAdp.sys
10:19:30.0311 0x09d0 VBoxNetAdp - ok
10:19:30.0326 0x09d0 VBoxNetFlt - ok
10:19:30.0373 0x09d0 [ 7181DACBD6699770F027A049594A3DCF, F90D04A38D3C7F94A24E37C3C1FB10FB9EF6077D7DD1FA248707C1A0A72C922B ] vdbus C:\windows\System32\drivers\vdbus.sys
10:19:30.0389 0x09d0 vdbus - ok
10:19:30.0436 0x09d0 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
10:19:30.0436 0x09d0 vdrvroot - ok
10:19:30.0482 0x09d0 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\windows\System32\vds.exe
10:19:30.0498 0x09d0 vds - ok
10:19:30.0545 0x09d0 [ F205A2FDA8498AA2DCF950728AE7241B, A6DB3C35774D60016FCF4D6DE44C77DEC06DB02F342BD41814DDF80878A4983E ] VeriFaceSrv C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
10:19:30.0545 0x09d0 VeriFaceSrv - ok
10:19:30.0545 0x09d0 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\windows\system32\drivers\VerifierExt.sys
10:19:30.0561 0x09d0 VerifierExt - ok
10:19:30.0576 0x09d0 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\windows\System32\drivers\vhdmp.sys
10:19:30.0592 0x09d0 vhdmp - ok
10:19:30.0608 0x09d0 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\windows\system32\drivers\viaide.sys
10:19:30.0608 0x09d0 viaide - ok
10:19:30.0654 0x09d0 [ 2562943B90AFA9829097FB4274276D1D, EE003EF7A3EC49CFEF2EED841482721D7A89368967BFC44CE8DD9D3BDAF0572F ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
10:19:30.0654 0x09d0 VMAuthdService - ok
10:19:30.0670 0x09d0 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\windows\system32\drivers\vmbus.sys
10:19:30.0670 0x09d0 vmbus - ok
10:19:30.0670 0x09d0 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\windows\System32\drivers\VMBusHID.sys
10:19:30.0670 0x09d0 VMBusHID - ok
10:19:30.0701 0x09d0 [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci C:\windows\system32\drivers\vmci.sys
10:19:30.0701 0x09d0 vmci - ok
10:19:30.0717 0x09d0 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\windows\System32\ICSvc.dll
10:19:30.0732 0x09d0 vmicguestinterface - ok
10:19:30.0748 0x09d0 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\windows\System32\ICSvc.dll
10:19:30.0764 0x09d0 vmicheartbeat - ok
10:19:30.0779 0x09d0 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\windows\System32\ICSvc.dll
10:19:30.0779 0x09d0 vmickvpexchange - ok
10:19:30.0795 0x09d0 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\windows\System32\ICSvc.dll
10:19:30.0795 0x09d0 vmicrdv - ok
10:19:30.0811 0x09d0 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\windows\System32\ICSvc.dll
10:19:30.0826 0x09d0 vmicshutdown - ok
10:19:30.0826 0x09d0 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\windows\System32\ICSvc.dll
10:19:30.0842 0x09d0 vmictimesync - ok
10:19:30.0857 0x09d0 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\windows\System32\ICSvc.dll
10:19:30.0857 0x09d0 vmicvss - ok
10:19:30.0873 0x09d0 [ 4F19996D0765835797EC7B5F35D12240, FD4D222A373C3DF2B9FC7877C0EC050BF71A6C700FB52984E44FD25E49755A11 ] vmkbd2 C:\windows\system32\drivers\VMkbd.sys
10:19:30.0889 0x09d0 vmkbd2 - ok
10:19:30.0904 0x09d0 [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter C:\windows\system32\DRIVERS\vmnetadapter.sys
10:19:30.0904 0x09d0 VMnetAdapter - ok
10:19:30.0936 0x09d0 [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge C:\windows\system32\DRIVERS\vmnetbridge.sys
10:19:30.0936 0x09d0 VMnetBridge - ok
10:19:30.0951 0x09d0 VMnetDHCP - ok
10:19:30.0967 0x09d0 [ F550680013FEA869820CB8320FAA2352, AA98DB7E71737DD8574ADB2DD9531C1DD46BABE99F89ED87D681D6C21BFA0D1C ] VMnetuserif C:\windows\system32\drivers\vmnetuserif.sys
10:19:30.0967 0x09d0 VMnetuserif - ok
10:19:31.0029 0x09d0 [ 41FAE6618768DC93D98DDAF3F8282D3E, 95995542026CC111B8FFAA01AC9E55B2F942A9108F5F00502A35339C13BBF20D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
10:19:31.0045 0x09d0 VMUSBArbService - ok
10:19:31.0045 0x09d0 VMware NAT Service - ok
10:19:31.0061 0x09d0 [ 227E4EA654B4D52C2AAA8B1DCD5C45DE, 7D9A675A6481D288846D7F22AE15EC62DF31C9385C83D875586EE371CC9C3410 ] vmx86 C:\windows\system32\drivers\vmx86.sys
10:19:31.0061 0x09d0 vmx86 - ok
10:19:31.0076 0x09d0 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\windows\system32\drivers\volmgr.sys
10:19:31.0076 0x09d0 volmgr - ok
10:19:31.0092 0x09d0 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
10:19:31.0092 0x09d0 volmgrx - ok
10:19:31.0139 0x09d0 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\windows\system32\drivers\volsnap.sys
10:19:31.0154 0x09d0 volsnap - ok
10:19:31.0170 0x09d0 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\windows\System32\drivers\vpci.sys
10:19:31.0170 0x09d0 vpci - ok
10:19:31.0170 0x09d0 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\windows\system32\drivers\vsmraid.sys
10:19:31.0186 0x09d0 vsmraid - ok
10:19:31.0217 0x09d0 [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock C:\windows\system32\drivers\vsock.sys
10:19:31.0217 0x09d0 vsock - ok
10:19:31.0279 0x09d0 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\windows\system32\vssvc.exe
10:19:31.0295 0x09d0 VSS - ok
10:19:31.0358 0x09d0 [ ACEC3397D7FE8DF37DAD3B175CA2E148, EC917AC9274784E22A7D25B14B0294A7804FD098D8BD6295CFF4F17A2507694C ] VSSERV C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
10:19:31.0379 0x09d0 VSSERV - ok
10:19:31.0408 0x09d0 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\windows\system32\drivers\vstxraid.sys
10:19:31.0408 0x09d0 VSTXRAID - ok
10:19:31.0439 0x09d0 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
10:19:31.0439 0x09d0 vwifibus - ok
10:19:31.0486 0x09d0 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
10:19:31.0486 0x09d0 vwififlt - ok
10:19:31.0517 0x09d0 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
10:19:31.0517 0x09d0 vwifimp - ok
10:19:31.0564 0x09d0 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\windows\system32\w32time.dll
10:19:31.0564 0x09d0 W32Time - ok
10:19:31.0580 0x09d0 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\windows\System32\drivers\wacompen.sys
10:19:31.0580 0x09d0 WacomPen - ok
10:19:31.0627 0x09d0 wampmysqld64 - ok
10:19:31.0674 0x09d0 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\windows\system32\wbengine.exe
10:19:31.0689 0x09d0 wbengine - ok
10:19:31.0797 0x09d0 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\windows\System32\wbiosrvc.dll
10:19:31.0797 0x09d0 WbioSrvc - ok
10:19:31.0813 0x09d0 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\windows\System32\wcmsvc.dll
10:19:31.0813 0x09d0 Wcmsvc - ok
10:19:31.0828 0x09d0 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\windows\System32\wcncsvc.dll
10:19:31.0844 0x09d0 wcncsvc - ok
10:19:31.0859 0x09d0 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
10:19:31.0859 0x09d0 WcsPlugInService - ok
10:19:31.0875 0x09d0 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\windows\system32\drivers\WdBoot.sys
10:19:31.0891 0x09d0 WdBoot - ok
10:19:31.0943 0x09d0 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
10:19:31.0954 0x09d0 Wdf01000 - ok
10:19:31.0978 0x09d0 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\windows\system32\drivers\WdFilter.sys
10:19:31.0978 0x09d0 WdFilter - ok
10:19:32.0009 0x09d0 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\windows\system32\wdi.dll
10:19:32.0009 0x09d0 WdiServiceHost - ok
10:19:32.0009 0x09d0 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\windows\system32\wdi.dll
10:19:32.0009 0x09d0 WdiSystemHost - ok
10:19:32.0024 0x09d0 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\windows\system32\Drivers\WdNisDrv.sys
10:19:32.0040 0x09d0 WdNisDrv - ok
10:19:32.0071 0x09d0 WdNisSvc - ok
10:19:32.0103 0x09d0 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\windows\System32\webclnt.dll
10:19:32.0103 0x09d0 WebClient - ok
10:19:32.0118 0x09d0 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\windows\system32\wecsvc.dll
10:19:32.0134 0x09d0 Wecsvc - ok
10:19:32.0134 0x09d0 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\windows\system32\wephostsvc.dll
10:19:32.0149 0x09d0 WEPHOSTSVC - ok
10:19:32.0165 0x09d0 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\windows\System32\wercplsupport.dll
10:19:32.0165 0x09d0 wercplsupport - ok
10:19:32.0165 0x09d0 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\windows\System32\WerSvc.dll
10:19:32.0165 0x09d0 WerSvc - ok
10:19:32.0202 0x09d0 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\windows\system32\DRIVERS\wfplwfs.sys
10:19:32.0205 0x09d0 WFPLWFS - ok
10:19:32.0224 0x09d0 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\windows\System32\wiarpc.dll
10:19:32.0224 0x09d0 WiaRpc - ok
10:19:32.0224 0x09d0 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
10:19:32.0224 0x09d0 WIMMount - ok
10:19:32.0240 0x09d0 WinDefend - ok
10:19:32.0271 0x09d0 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
10:19:32.0287 0x09d0 WinHttpAutoProxySvc - ok
10:19:32.0334 0x09d0 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
10:19:32.0334 0x09d0 Winmgmt - ok
10:19:32.0428 0x09d0 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\windows\system32\WsmSvc.dll
10:19:32.0459 0x09d0 WinRM - ok
10:19:32.0553 0x09d0 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\windows\System32\wlansvc.dll
10:19:32.0568 0x09d0 WlanSvc - ok
10:19:32.0615 0x09d0 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\windows\system32\wlidsvc.dll
10:19:32.0631 0x09d0 wlidsvc - ok
10:19:32.0662 0x09d0 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\windows\System32\drivers\wmiacpi.sys
10:19:32.0662 0x09d0 WmiAcpi - ok
10:19:32.0693 0x09d0 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
10:19:32.0693 0x09d0 wmiApSrv - ok
10:19:32.0725 0x09d0 WMPNetworkSvc - ok
10:19:32.0740 0x09d0 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\windows\system32\drivers\Wof.sys
10:19:32.0740 0x09d0 Wof - ok
10:19:32.0803 0x09d0 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\windows\system32\workfolderssvc.dll
10:19:32.0834 0x09d0 workfolderssvc - ok
10:19:32.0865 0x09d0 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\windows\system32\DRIVERS\wpcfltr.sys
10:19:32.0865 0x09d0 wpcfltr - ok
10:19:32.0881 0x09d0 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\windows\System32\wpcsvc.dll
10:19:32.0881 0x09d0 WPCSvc - ok
10:19:32.0928 0x09d0 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
10:19:32.0928 0x09d0 WPDBusEnum - ok
10:19:32.0943 0x09d0 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\windows\system32\drivers\WpdUpFltr.sys
10:19:32.0943 0x09d0 WpdUpFltr - ok
10:19:32.0959 0x09d0 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
10:19:32.0959 0x09d0 ws2ifsl - ok
10:19:32.0990 0x09d0 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\windows\System32\wscsvc.dll
10:19:33.0006 0x09d0 wscsvc - ok
10:19:33.0021 0x09d0 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\windows\System32\drivers\WSDPrint.sys
10:19:33.0021 0x09d0 WSDPrintDevice - ok
10:19:33.0053 0x09d0 [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan C:\windows\system32\DRIVERS\WSDScan.sys
10:19:33.0053 0x09d0 WSDScan - ok
10:19:33.0068 0x09d0 WSearch - ok
10:19:33.0146 0x09d0 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\windows\System32\WSService.dll
10:19:33.0193 0x09d0 WSService - ok
10:19:33.0224 0x09d0 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
10:19:33.0224 0x09d0 wsvd - ok
10:19:33.0334 0x09d0 [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\windows\system32\wuaueng.dll
10:19:33.0381 0x09d0 wuauserv - ok
10:19:33.0412 0x09d0 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
10:19:33.0412 0x09d0 WudfPf - ok
10:19:33.0412 0x09d0 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\windows\System32\drivers\WUDFRd.sys
10:19:33.0428 0x09d0 WUDFRd - ok
10:19:33.0443 0x09d0 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP C:\windows\system32\DRIVERS\WUDFRd.sys
10:19:33.0443 0x09d0 WUDFSensorLP - ok
10:19:33.0459 0x09d0 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\windows\System32\WUDFSvc.dll
10:19:33.0459 0x09d0 wudfsvc - ok
10:19:33.0459 0x09d0 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\windows\system32\DRIVERS\WUDFRd.sys
10:19:33.0474 0x09d0 WUDFWpdFs - ok
10:19:33.0506 0x09d0 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\windows\System32\wwansvc.dll
10:19:33.0506 0x09d0 WwanSvc - ok
10:19:33.0537 0x09d0 [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
10:19:33.0553 0x09d0 ZAtheros Bt and Wlan Coex Agent - ok
10:19:33.0568 0x09d0 ================ Scan global ===============================
10:19:33.0615 0x09d0 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\windows\system32\basesrv.dll
10:19:33.0646 0x09d0 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\windows\system32\winsrv.dll
10:19:33.0678 0x09d0 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\windows\system32\sxssrv.dll
10:19:33.0725 0x09d0 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\windows\system32\services.exe
10:19:33.0740 0x09d0 [ Global ] - ok
10:19:33.0740 0x09d0 ================ Scan MBR ==================================
10:19:33.0740 0x09d0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
10:19:33.0740 0x09d0 \Device\Harddisk0\DR0 - ok
10:19:33.0740 0x09d0 ================ Scan VBR ==================================
10:19:33.0756 0x09d0 [ CCBCF5483FB86A24B7E89F7006DEDC90 ] \Device\Harddisk0\DR0\Partition1
10:19:33.0834 0x09d0 \Device\Harddisk0\DR0\Partition1 - ok
10:19:33.0834 0x09d0 [ B5645FA9BFD32E26BB534FB835D9D181 ] \Device\Harddisk0\DR0\Partition2
10:19:33.0896 0x09d0 \Device\Harddisk0\DR0\Partition2 - ok
10:19:33.0912 0x09d0 [ C41E1DCAD6D3E9F2907923CFB7334A98 ] \Device\Harddisk0\DR0\Partition3
10:19:33.0975 0x09d0 \Device\Harddisk0\DR0\Partition3 - ok
10:19:33.0975 0x09d0 [ 3C29D44C9C9D93425996EB4400F0A4C7 ] \Device\Harddisk0\DR0\Partition4
10:19:33.0975 0x09d0 \Device\Harddisk0\DR0\Partition4 - ok
10:19:33.0975 0x09d0 [ 650DC040F162D643A3ECF5F1876773C4 ] \Device\Harddisk0\DR0\Partition5
10:19:34.0053 0x09d0 \Device\Harddisk0\DR0\Partition5 - ok
10:19:34.0084 0x09d0 [ F53A8AA4E45DD823DC148CEAC2EDD95B ] \Device\Harddisk0\DR0\Partition6
10:19:34.0100 0x09d0 \Device\Harddisk0\DR0\Partition6 - ok
10:19:34.0100 0x09d0 [ B2AF1EEC7AF8ED0B3ADC0ED4AC93449D ] \Device\Harddisk0\DR0\Partition7
10:19:34.0115 0x09d0 \Device\Harddisk0\DR0\Partition7 - ok
10:19:34.0115 0x09d0 ================ Scan generic autorun ======================
10:19:34.0233 0x09d0 [ EE316C8D7C1B99412F2C8F1C64268182, F297F1AB3493FE73B40A3B3F9B20612C33E4F155D35B18CAB4256FB6E62C320A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
10:19:34.0280 0x09d0 NvBackend - ok
10:19:34.0296 0x09d0 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\windows\system32\rundll32.exe
10:19:34.0296 0x09d0 ShadowPlay - ok
10:19:34.0436 0x09d0 [ 0E2427CF7B8BFC002795159AB55564C1, F4DAEEC6CD7580621C3411ADC5EAA8BE1927924EC2FEDA05E223E6580D8FA9B7 ] C:\windows\RTFTrack.exe
10:19:34.0593 0x09d0 RtsFT - ok
10:19:34.0593 0x09d0 ETDCtrl - ok
10:19:34.0890 0x09d0 [ 37C6C318D6AFAFA2EBA99820EDF21DA6, 5693AA141B947761EE41FBDC6F16FDC5BBB5BA8EBE1DEC90AD6EF33BFAF885A5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:19:35.0171 0x09d0 RtHDVCpl - ok
10:19:35.0202 0x09d0 [ 0F5B142D4CF1E742B37690AF07D14A8D, 35994A4F6B57B847DAC6CAB60FAE59053B2BA0A80A6E7FBDDC3AC9BA60CB757D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
10:19:35.0218 0x09d0 RtHDVBg_Dolby - ok
10:19:35.0265 0x09d0 [ 0F5B142D4CF1E742B37690AF07D14A8D, 35994A4F6B57B847DAC6CAB60FAE59053B2BA0A80A6E7FBDDC3AC9BA60CB757D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
10:19:35.0280 0x09d0 RtHDVBg_LENOVO_DOLBYDRAGON - ok
10:19:35.0296 0x09d0 [ 0F5B142D4CF1E742B37690AF07D14A8D, 35994A4F6B57B847DAC6CAB60FAE59053B2BA0A80A6E7FBDDC3AC9BA60CB757D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
10:19:35.0311 0x09d0 RtHDVBg_LENOVO_MICPKEY - ok
10:19:35.0436 0x09d0 [ E7C8E8D71978722E1D3C4D6FBC7D98C0, C45B79FCAA1D3D25DD50A525CE26D1469E4C6183E117DDD7950B57BBAB31E8D9 ] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
10:19:35.0530 0x09d0 OnekeyStudio - ok
10:19:35.0561 0x09d0 [ E82868EAA58A9281964B891F5FA82576, 650C083A7CB7AD6F6BF7355395CCA7B4792500CE59C98B63E238B2FE1A82AE40 ] C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
10:19:35.0577 0x09d0 PhoneCompanion - ok
10:19:35.0921 0x09d0 [ D0F24D9FE702CFE79998245BE2C7A1E4, 006A51465D58B5EBD97A912A2685E1EE7A3E549C604B78B498AF9FB1A7AD398D ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
10:19:36.0304 0x09d0 Energy Manager - ok
10:19:36.0539 0x09d0 [ 2799F4D6B52C73B8403F8A333889EA4D, 4089204B30E43BE302F1547F442666F7C5ABDAAF8B5F045FC666F1CDD531676C ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
10:19:36.0742 0x09d0 Lenovo Utility - ok
10:19:36.0851 0x09d0 [ D5F1ADEA6513A230E27A3ADAD2A3B160, 947AA3C8C2AB8C07832BE1BE337ADD4B3105785FDF5844537D658554EF265A73 ] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
10:19:36.0882 0x09d0 Bdagent - ok
10:19:36.0898 0x09d0 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
10:19:36.0898 0x09d0 Logitech Download Assistant - ok
10:19:36.0976 0x09d0 [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
10:19:36.0992 0x09d0 AdobeAAMUpdater-1.0 - ok
10:19:37.0085 0x09d0 [ A58C6C5E5953B3C837537BBCF3767E69, 398C1D04BEF85E9FC6E1EE42F7341DE4302FF66ADC054A03D12253D261A6F589 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
10:19:37.0117 0x09d0 COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - ok
10:19:37.0179 0x09d0 [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
10:19:37.0179 0x09d0 UpdateP2GShortCut - ok
10:19:37.0273 0x09d0 [ 5A24A4C2C90836B838F958E2F592FC5D, A70296F9C38AFF2AF1C6AD8038E8EEE287F4251BEA97C10324C9B5C3D25213F4 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
10:19:37.0273 0x09d0 BDRegion - ok
10:19:37.0414 0x09d0 [ A1A7EFFC9893A4D1FD4521EABE5DF210, 7E4D701001E2218EFB585B6C4E6930063297F2DF6DF1366E7B1F280637D5EB99 ] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
10:19:37.0414 0x09d0 RIMBBLaunchAgent.exe - ok
10:19:37.0523 0x09d0 [ AAAD5152483375023CDA5A31A339587A, D5BFC9D655C593F8FF078BF41374E84E9CF3B331E1B7AB4DEDB45F12804FC3E0 ] C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
10:19:37.0742 0x09d0 RIM PeerManager - ok
10:19:37.0773 0x09d0 [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10:19:37.0789 0x09d0 SunJavaUpdateSched - ok
10:19:37.0835 0x09d0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:19:37.0851 0x09d0 SwitchBoard - ok
10:19:37.0914 0x09d0 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
10:19:37.0945 0x09d0 AdobeCS6ServiceManager - ok
10:19:38.0024 0x09d0 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
10:19:38.0039 0x09d0 tvncontrol - ok
10:19:38.0086 0x09d0 [ 0DFC21F95480B688E83C715A6C668095, 43D5B04031F991B2866B369CFA83079AC43DF362D1524541F39C648D1A516D07 ] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
10:19:38.0102 0x09d0 Bitdefender Wallet Agent - ok
10:19:38.0149 0x09d0 [ DD5A8388F7BC7052EED93207A8B3A0B7, E3EEC0B262D2C0063C694118A634A2F09C019D7A024A18C8BE83AF60BE45ECDC ] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
10:19:38.0180 0x09d0 Bitdefender Wallet - ok
10:19:38.0211 0x09d0 [ DB1919F34AB9CD5F43B0ED463D7E8D28, B7FC47EACF3B0B352AC7552743A43CD1DF147D8E1F6D0BF30D300000E12859A6 ] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
10:19:38.0228 0x09d0 Bitdefender Wallet Application Agent - ok
10:19:38.0275 0x09d0 GoogleDriveSync - ok
10:19:38.0384 0x09d0 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
10:19:38.0462 0x09d0 DAEMON Tools Lite - ok
10:19:38.0619 0x09d0 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
10:19:38.0634 0x09d0 Spotify Web Helper - ok
10:19:38.0775 0x09d0 [ 0431B48CF752D88C33C4BA39BA64CCB2, 4D65608DB7B460E4797285D8FE305E407C6FA57663AF54500E1A730BBBC433FF ] C:\Users\Laurens Cleyman\AppData\Roaming\Spotify\spotify.exe
10:19:38.0837 0x09d0 Spotify - ok
10:19:38.0853 0x09d0 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
10:19:38.0853 0x09d0 Pokki - ok
10:19:38.0869 0x09d0 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
10:19:38.0869 0x09d0 Pokki - ok
10:19:38.0869 0x09d0 Waiting for KSN requests completion. In queue: 192
10:19:39.0884 0x09d0 Waiting for KSN requests completion. In queue: 192
10:19:40.0893 0x09d0 Waiting for KSN requests completion. In queue: 192
10:19:42.0181 0x09d0 AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender\wscfix.exe ( 17.30.0.1307 ), 0x41000 ( enabled : updated )
10:19:42.0284 0x09d0 AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
10:19:42.0315 0x09d0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
10:19:42.0315 0x09d0 AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.0.0.4344 ), 0x61000 ( enabled : updated )
10:19:42.0409 0x09d0 FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
10:19:42.0425 0x09d0 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.0.0.4344 ), 0x61010 ( enabled )
10:19:42.0425 0x09d0 FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender\wscfix.exe ( 17.30.0.1307 ), 0x41010 ( enabled )
10:20:02.0434 0x09d0 ============================================================
10:20:02.0434 0x09d0 Scan finished
10:20:02.0434 0x09d0 ============================================================
10:20:02.0434 0x12ac Detected object count: 0
10:20:02.0434 0x12ac Actual detected object count: 0
10:21:01.0076 0x225c Deinitialize success

 

 

 

Many thanks for taking the time to look at my problem ! !   :guitar:



#5 Laurens_Cleyman

Laurens_Cleyman
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:54 AM

Posted 14 January 2015 - 04:39 AM

Maybe something you have to know: when I run Gmer rootkit scanner i got three errors:

 

1 before I pressed scan:

 

 

C:\windows\system32\config\system:

The proces has no acces to the file because it is used by an other proces.

[OK]

 

 

and this two just before the end of the scan:

 

 

C:\windows\system32\config\system:

The proces has no acces to the file because it is used by an other proces.

[OK]

 

 

C:\Users\Laurens Cleyman\ntuser.dat:

The proces has no acces to the file because it is used by an other proces.

[OK]



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 AM

Posted 14 January 2015 - 05:41 AM

Multiple Antivirus Programs installed!

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time.

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove any antivirus program expect of one:

 

 

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Kaspersky Total Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 Laurens_Cleyman

Laurens_Cleyman
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:54 AM

Posted 14 January 2015 - 07:35 AM

Ok, I removed Kaspersky Total Security and Comodo Antivirus. Windows Defender is disabled.

 

I only have Bitdefender Antivirus running now.  :wink:

 

(I installed Kaspersky and Comodo a few days ago to search for the malware.. without succes)

 

Best regards, 

 

Laurens



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 AM

Posted 14 January 2015 - 08:09 AM

Scan with Mini Toolbox 


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
 

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 Laurens_Cleyman

Laurens_Cleyman
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:54 AM

Posted 14 January 2015 - 08:12 AM

Done !  :rolleyes:

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Laurens Cleyman (administrator) on 14-01-2015 at 14:10:39
Running from "C:\Users\Laurens Cleyman\Downloads\Chrome"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1       localhost
127.0.0.1       localhost
127.0.0.1       localhost

========================= IP Configuration: ================================

Qualcomm Atheros AR956x Wireless Network Adapter = Wi-Fi (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="LAN-verbinding* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth-netwerkverbinding" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="LAN-verbinding* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="LAN-verbinding* 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="LAN-verbinding" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="VMware Network Adapter VMnet1" address=192.168.164.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.209.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Lenovo-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : sbnetwork.local

Tunnel adapter LAN-verbinding:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : BlackBerry Virtual Private Network
   Physical Address. . . . . . . . . : 02-00-47-4A-CA-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : fd14:d187:7300:5014:6f24:f406:7ab8:4ef6(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::c1a:bf03:9996:d4a9%13(Preferred) 
   Autoconfiguration IPv4 Address. . : 169.254.212.169(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 570605675
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-4A-3F-D4-F8-A9-63-3C-57-0F
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter LAN-verbinding* 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 5A-CF-5E-9C-E9-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter LAN-verbinding* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 1A-CF-5E-9C-E9-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : sbnetwork.local
   Description . . . . . . . . . . . : Qualcomm Atheros AR956x Wireless Network Adapter
   Physical Address. . . . . . . . . : 18-CF-5E-9C-E9-91
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::296c:baba:cff1:9cfb%8(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.10.51(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : woensdag 14 januari 2015 13:57:38
   Lease Expires . . . . . . . . . . : donderdag 22 januari 2015 13:57:55
   Default Gateway . . . . . . . . . : 192.168.10.254
   DHCP Server . . . . . . . . . . . : 192.168.10.2
   DHCPv6 IAID . . . . . . . . . . . : 135843678
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-4A-3F-D4-F8-A9-63-3C-57-0F
   DNS Servers . . . . . . . . . . . : 192.168.10.2
                                       8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : sbnetwork.local
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F8-A9-63-3C-57-0F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VMware Network Adapter VMnet1:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
   Physical Address. . . . . . . . . : 00-50-56-C0-00-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::25d8:b3e:c3b6:d648%18(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.164.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 570445910
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-4A-3F-D4-F8-A9-63-3C-57-0F
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
   Physical Address. . . . . . . . . : 00-50-56-C0-00-08
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8d20:5e21:d109:8bf0%19(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.209.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 587223126
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-4A-3F-D4-F8-A9-63-3C-57-0F
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B0CC3084-B5CE-486F-882D-448522936AEC}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B0042E03-20DF-4B77-852B-D9A2232E899D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{69A1DB07-9B35-4F2A-A98A-5CCE6C27822C}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.sbnetwork.local:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : sbnetwork.local
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.10.2

Name:    google.com
Addresses:  2a00:1450:4010:c05::64
	  74.125.205.102
	  74.125.205.138
	  74.125.205.101
	  74.125.205.113
	  74.125.205.139
	  74.125.205.100


Pinging google.com [74.125.143.102] with 32 bytes of data:
Reply from 74.125.143.102: bytes=32 time=57ms TTL=47
Reply from 74.125.143.102: bytes=32 time=57ms TTL=47

Ping statistics for 74.125.143.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 57ms, Maximum = 57ms, Average = 57ms
Server:  server.sbnetwork.local
Address:  192.168.10.2

Name:    yahoo.com
Addresses:  98.138.253.109
	  98.139.183.24
	  206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=123ms TTL=50
Reply from 98.138.253.109: bytes=32 time=125ms TTL=50

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 123ms, Maximum = 125ms, Average = 124ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...02 00 47 4a ca 01 ......BlackBerry Virtual Private Network
 10...5a cf 5e 9c e9 91 ......Microsoft Hosted Network Virtual Adapter
  9...1a cf 5e 9c e9 91 ......Microsoft Wi-Fi Direct Virtual Adapter
  8...18 cf 5e 9c e9 91 ......Qualcomm Atheros AR956x Wireless Network Adapter
  3...f8 a9 63 3c 57 0f ......Realtek PCIe GBE Family Controller
 18...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
 19...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0   192.168.10.254    192.168.10.51     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link   169.254.212.169    261
  169.254.212.169  255.255.255.255         On-link   169.254.212.169    261
  169.254.255.255  255.255.255.255         On-link   169.254.212.169    261
     192.168.10.0    255.255.255.0         On-link     192.168.10.51    281
    192.168.10.51  255.255.255.255         On-link     192.168.10.51    281
   192.168.10.255  255.255.255.255         On-link     192.168.10.51    281
    192.168.164.0    255.255.255.0         On-link     192.168.164.1    276
    192.168.164.1  255.255.255.255         On-link     192.168.164.1    276
  192.168.164.255  255.255.255.255         On-link     192.168.164.1    276
    192.168.209.0    255.255.255.0         On-link     192.168.209.1    276
    192.168.209.1  255.255.255.255         On-link     192.168.209.1    276
  192.168.209.255  255.255.255.255         On-link     192.168.209.1    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.10.51    281
        224.0.0.0        240.0.0.0         On-link     192.168.164.1    276
        224.0.0.0        240.0.0.0         On-link     192.168.209.1    276
        224.0.0.0        240.0.0.0         On-link   169.254.212.169    261
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.10.51    281
  255.255.255.255  255.255.255.255         On-link     192.168.164.1    276
  255.255.255.255  255.255.255.255         On-link     192.168.209.1    276
  255.255.255.255  255.255.255.255         On-link   169.254.212.169    261
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    261 fd00::/8                 On-link
 13    261 fd14:d187:7300:5014:6f24:f406:7ab8:4ef6/128
                                    On-link
  8    281 fe80::/64                On-link
 18    276 fe80::/64                On-link
 19    276 fe80::/64                On-link
 13    261 fe80::/64                On-link
 13    261 fe80::c1a:bf03:9996:d4a9/128
                                    On-link
 18    276 fe80::25d8:b3e:c3b6:d648/128
                                    On-link
  8    281 fe80::296c:baba:cff1:9cfb/128
                                    On-link
 19    276 fe80::8d20:5e21:d109:8bf0/128
                                    On-link
  1    306 ff00::/8                 On-link
  8    281 ff00::/8                 On-link
 18    276 ff00::/8                 On-link
 19    276 ff00::/8                 On-link
 13    261 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 12 C:\windows\SysWOW64\vsocklib.dll [63568] (VMware, Inc.)
Catalog9 13 C:\windows\SysWOW64\vsocklib.dll [63568] (VMware, Inc.)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\vsocklib.dll [67664] (VMware, Inc.)
x64-Catalog9 13 C:\Windows\System32\vsocklib.dll [67664] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/14/2015 02:00:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Lenovo-PC)
Description: Het activeren van de app E046963F.LenovoCompanion_k1h2ywk1493x8!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (01/14/2015 02:00:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Lenovo-PC)
Description: Het activeren van de app E046963F.LenovoSupport_k1h2ywk1493x8!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (01/14/2015 02:00:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Lenovo-PC)
Description: Het activeren van de app E046963F.LenovoSupport_k1h2ywk1493x8!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (01/14/2015 11:29:29 AM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Het volume WINRE_DRV is niet geoptimaliseerd, omdat er een fout is opgetreden: De parameter is onjuist. (0x80070057)

Error: (01/14/2015 10:49:29 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 275203

Error: (01/14/2015 10:49:29 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 275203

Error: (01/14/2015 10:49:29 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/14/2015 10:49:14 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 259578

Error: (01/14/2015 10:49:14 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 259578

Error: (01/14/2015 10:49:14 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/14/2015 01:36:12 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalActiveren{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (01/14/2015 01:33:35 PM) (Source: Service Control Manager) (User: )
Description: De Windows Defender Service-service kan vanwege de volgende fout niet worden gestart: 
%%577

Error: (01/14/2015 10:52:57 AM) (Source: Service Control Manager) (User: )
Description: De SSPORT-service kan vanwege de volgende fout niet worden gestart: 
%%2

Error: (01/14/2015 10:52:32 AM) (Source: Service Control Manager) (User: )
Description: De DgiVecp-service kan vanwege de volgende fout niet worden gestart: 
%%1275

Error: (01/14/2015 10:52:32 AM) (Source: Application Popup) (User: )
Description: \??\C:\windows\SysWow64\Drivers\DgiVecp.sys

Error: (01/14/2015 10:51:54 AM) (Source: Service Control Manager) (User: )
Description: De Bitdefender Virus Shield-service is bij het starten vastgelopen.

Error: (01/14/2015 10:52:20 AM) (Source: EventLog) (User: )
Description: De vorige afsluiting van het systeem om 10:11:38 op ‎14/‎01/‎2015 is onverwacht gebeurd.

Error: (01/14/2015 09:42:53 AM) (Source: DCOM) (User: Lenovo-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/14/2015 09:32:01 AM) (Source: Service Control Manager) (User: )
Description: De SSPORT-service kan vanwege de volgende fout niet worden gestart: 
%%2

Error: (01/14/2015 09:31:43 AM) (Source: Service Control Manager) (User: )
Description: De DgiVecp-service kan vanwege de volgende fout niet worden gestart: 
%%1275


Microsoft Office Sessions:
=========================
Error: (01/14/2015 02:00:00 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Lenovo-PC)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2144927142

Error: (01/14/2015 02:00:00 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Lenovo-PC)
Description: E046963F.LenovoSupport_k1h2ywk1493x8!App-2144927142

Error: (01/14/2015 02:00:00 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Lenovo-PC)
Description: E046963F.LenovoSupport_k1h2ywk1493x8!App-2144927142

Error: (01/14/2015 11:29:29 AM) (Source: Microsoft-Windows-Defrag)(User: )
Description: WINRE_DRVDe parameter is onjuist. (0x80070057)

Error: (01/14/2015 10:49:29 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 275203

Error: (01/14/2015 10:49:29 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 275203

Error: (01/14/2015 10:49:29 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/14/2015 10:49:14 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 259578

Error: (01/14/2015 10:49:14 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 259578

Error: (01/14/2015 10:49:14 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2015-01-14 13:33:35.621
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-14 13:32:23.049
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-14 10:42:03.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-14 10:29:13.999
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-14 09:54:26.489
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-13 21:26:45.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-13 21:07:40.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Belvedere 0.5 (HKLM-x32\...\Belvedere) (Version: 0.5 - Lifehacker)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.29.0.1235 - Bitdefender)
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.56 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.56 - BlackBerry Ltd.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
BurnAware Free 7.5 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre 64bit (HKLM\...\{98EF3B25-E714-46D7-AD9E-13CF2E29F741}) (Version: 2.10.0 - Kovid Goyal)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink MediaStory (x32 Version: 1.0.1314 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4107 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2910926) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{725014FA-5CEE-4D8D-B101-33AC64E21BE6}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2910926) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{725014FA-5CEE-4D8D-B101-33AC64E21BE6}) (Version:  - Microsoft)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Enpass 4.0.5 (HKLM-x32\...\Enpass) (Version: 4.0.5 - Sinew Software Systems)
FileZilla Client 3.9.0.3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.19.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.39.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.2 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.61 - Lenovo) Hidden
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo)
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Malwarebytes Anti-Malware versie 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Access MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2013  - Dutch/Nederlands (HKLM\...\Office15.OMUI.nl-nl) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office O MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Nederlands (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SharePoint Designer MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (Version:  - ) Hidden
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{FEC535DD-0EB2-4709-87BD-1708C6364EB6}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Word MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft X MUI (Dutch) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA Control Panel 332.50 (Version: 332.50 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0927 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
QlikView x64 (HKLM\...\{BAB4187A-F349-497E-A151-79D1B274B936}) (Version: 11.20.12577.0 - QlikTech International AB)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2326 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
SAS Enterprise Guide 6.1 OnDemand for Academics (64-bit) (HKLM\...\{0B669C73-F4CD-498F-B83F-0A42F1EDB092}) (Version: 6.100.0.2870 - SAS Institute Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F0C12872-B60D-4E37-A2F9-20C46A5E1F1A}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 1 for SQL Server 2012 (KB2674319) (HKLM-x32\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.1.3000.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Update for Microsoft Access 2013 (KB2863859) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFE0615A-25D9-4F1A-9374-C02C5D79566B}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2863859) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{AFE0615A-25D9-4F1A-9374-C02C5D79566B}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2863859) 64-Bit Edition (HKLM\...\{90150000-0015-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{AFE0615A-25D9-4F1A-9374-C02C5D79566B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8260F0BF-F234-41FC-AB11-218A9925F77B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{D5D8FED5-5FA1-4616-BEEB-2D050A316C76}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2910927) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{972B1CC2-E4E5-44ED-9C18-93F8AC52D117}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2910927) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{972B1CC2-E4E5-44ED-9C18-93F8AC52D117}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2910927) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{972B1CC2-E4E5-44ED-9C18-93F8AC52D117}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2910927) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{972B1CC2-E4E5-44ED-9C18-93F8AC52D117}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2910927) 64-Bit Edition (HKLM\...\{90150000-012B-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{972B1CC2-E4E5-44ED-9C18-93F8AC52D117}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{25DEA344-FF6F-41BD-B88F-5242BB8E80E1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2147FFF7-71C4-4306-AFE2-1AA7A6025BB1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{2147FFF7-71C4-4306-AFE2-1AA7A6025BB1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FCA6FD54-B1B9-4747-9E2B-2DDE78D0D58B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{FCA6FD54-B1B9-4747-9E2B-2DDE78D0D58B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{FCA6FD54-B1B9-4747-9E2B-2DDE78D0D58B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPRO_{FCA6FD54-B1B9-4747-9E2B-2DDE78D0D58B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition (HKLM\...\{90150000-006E-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{FCA6FD54-B1B9-4747-9E2B-2DDE78D0D58B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FCA6FD54-B1B9-4747-9E2B-2DDE78D0D58B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{FCA6FD54-B1B9-4747-9E2B-2DDE78D0D58B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0100-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EADBF225-163E-406B-B11A-26ECCCAB5A0E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889858) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5DE693CB-0F8E-4451-AECF-ABB3D3C11533}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889858) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{5DE693CB-0F8E-4451-AECF-ABB3D3C11533}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889938) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{15303C5C-2E28-41CC-B171-5D26A2F64529}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889938) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{15303C5C-2E28-41CC-B171-5D26A2F64529}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition (HKLM\...\{90150000-0016-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899501) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DAE5038C-3A14-4A2F-BBCC-794A4E863A28}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899501) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{DAE5038C-3A14-4A2F-BBCC-794A4E863A28}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899505) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{147128E6-6D8A-4A2C-A169-F511B17DF876}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A4E88D96-814F-4183-8DB2-BA3EC2B7E434}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{A4E88D96-814F-4183-8DB2-BA3EC2B7E434}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{74127016-6D6B-49D6-96D9-F1EB6C5528BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{D7B3589E-55FC-45AD-961E-03B5DDAE6424}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7B3589E-55FC-45AD-961E-03B5DDAE6424}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.VISPRO_{D7B3589E-55FC-45AD-961E-03B5DDAE6424}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{F3D6B501-B4DE-4335-BF66-C84E14B1ACCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{F3D6B501-B4DE-4335-BF66-C84E14B1ACCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.VISPRO_{F3D6B501-B4DE-4335-BF66-C84E14B1ACCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{EBCAA621-0A65-405E-9D17-A382DB2B6E2D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{CCE959A9-F9D3-4650-BE27-315659424097}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.VISPRO_{CCE959A9-F9D3-4650-BE27-315659424097}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910931) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DAFC2027-6EB5-4821-9A58-4492949FBA86}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910931) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{DAFC2027-6EB5-4821-9A58-4492949FBA86}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910931) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DAFC2027-6EB5-4821-9A58-4492949FBA86}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2910931) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{DAFC2027-6EB5-4821-9A58-4492949FBA86}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0B49798D-F5CF-4CCF-B7F0-084A7A715DAF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{0B49798D-F5CF-4CCF-B7F0-084A7A715DAF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0B49798D-F5CF-4CCF-B7F0-084A7A715DAF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPRO_{0B49798D-F5CF-4CCF-B7F0-084A7A715DAF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition (HKLM\...\{90150000-006E-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{0B49798D-F5CF-4CCF-B7F0-084A7A715DAF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0B49798D-F5CF-4CCF-B7F0-084A7A715DAF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{0B49798D-F5CF-4CCF-B7F0-084A7A715DAF}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5C6D6EA5-46AF-44A1-BDD7-F51CB9899BD9}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5C6D6EA5-46AF-44A1-BDD7-F51CB9899BD9}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition (HKLM\...\{90150000-00BA-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{5C6D6EA5-46AF-44A1-BDD7-F51CB9899BD9}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5C6D6EA5-46AF-44A1-BDD7-F51CB9899BD9}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{5C6D6EA5-46AF-44A1-BDD7-F51CB9899BD9}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5C6D6EA5-46AF-44A1-BDD7-F51CB9899BD9}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.VISPRO_{5C6D6EA5-46AF-44A1-BDD7-F51CB9899BD9}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition (HKLM\...\{90150000-00C1-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{5C6D6EA5-46AF-44A1-BDD7-F51CB9899BD9}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2899502) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{40739168-E682-4758-B78D-575B1E230884}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2899502) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40739168-E682-4758-B78D-575B1E230884}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2899502) 64-Bit Edition (HKLM\...\{90150000-00A1-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{40739168-E682-4758-B78D-575B1E230884}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2899502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{40739168-E682-4758-B78D-575B1E230884}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2899502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{40739168-E682-4758-B78D-575B1E230884}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2899504) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C47FD1BD-A91B-4BAB-9B3D-BAA0D6E8E656}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2899504) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C47FD1BD-A91B-4BAB-9B3D-BAA0D6E8E656}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2899504) 64-Bit Edition (HKLM\...\{90150000-001A-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{C47FD1BD-A91B-4BAB-9B3D-BAA0D6E8E656}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2899504) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{C47FD1BD-A91B-4BAB-9B3D-BAA0D6E8E656}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2910907) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2FEF1ED-9398-4EA7-B179-4E4A0837B6AF}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2910907) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D2FEF1ED-9398-4EA7-B179-4E4A0837B6AF}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2910907) 64-Bit Edition (HKLM\...\{90150000-0018-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{D2FEF1ED-9398-4EA7-B179-4E4A0837B6AF}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2910913) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7D62F87F-1887-48D0-B01A-2141D04F055A}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2910913) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{7D62F87F-1887-48D0-B01A-2141D04F055A}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2910913) 64-Bit Edition (HKLM\...\{90150000-0054-0409-1000-0000000FF1CE}_Office15.VISPRO_{7D62F87F-1887-48D0-B01A-2141D04F055A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.VISPRO_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0413-1000-0000000FF1CE}_Office15.OMUI.nl-nl_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Visual Paradigm 11.2 (HKLM\...\1106-5897-7327-6550) (Version: 11.2 - Visual Paradigm International Ltd.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
Walletx - Sinew Software Systems (HKLM-x32\...\Walletx) (Version:  - )
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 16296.27 MB
Available physical RAM: 12592.13 MB
Total Pagefile: 32680.27 MB
Available Pagefile: 28008.13 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.27 MB

========================= Partitions: =====================================

1 Drive c: (Windows8_OS) (Fixed) (Total:888.64 GB) (Free:494.82 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.09 GB) NTFS

========================= Users: ========================================

Gebruikersaccounts voor \\LENOVO-PC

Administrator            Gast                     Laurens Cleyman          
De opdracht is voltooid.


**** End of log ****



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 AM

Posted 14 January 2015 - 09:14 AM

Are you able to browse google.com now?


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 Laurens_Cleyman

Laurens_Cleyman
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:54 AM

Posted 14 January 2015 - 09:29 AM

Dear Marius, 

 

You made my day ! 

 

I would really like to thank you for the quick and super effective help ! 

 

I pressed the donate button and send you the only (few) dollars I have on paypal !   :tophat:

 

Best regards, 

 

Laurens



#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 AM

Posted 14 January 2015 - 09:34 AM

Uninstall our tools using delfix

Please follow these steps in order:

  • In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
  • In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.
  • In any case please download delfix to your desktop.
    • Close all other programms and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  • If there is still something left please delete it manualy.




Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.




Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:
  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now
More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website´s content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough.
    • While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything.
    • When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 AM

Posted 21 January 2015 - 06:55 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users