Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Stubborn adware


  • This topic is locked This topic is locked
52 replies to this topic

#1 toggleon

toggleon

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 01 September 2015 - 09:48 AM

Greeting. A few weeks ago, my daughter downloaded a painting program that came bundled with Crossbrowse and some other malware/adware. Using a variety of tools and methods suggested here and on reddit, I was able to remove much of the offending items, yet the pop-ups persist. This morning I've run Malwarebytes Anti-Malware, AdwCleaner and FRST and have posted the logs below. 

 

Any help would be greatly appreciated

 

alwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/1/2015
Scan Time: 7:41 AM
Logfile: mlw.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.09.01.03
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Eva1
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356782
Time Elapsed: 32 min, 20 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
# AdwCleaner v5.003 - Logfile created 01/09/2015 at 09:31:35
# Updated 20/08/2015 by Xplode
# Database : 2015-08-31.2 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Eva1 - EVA
# Running from : C:\Users\Eva1\Desktop\Malware protection\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: Proxy settings cleared
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C10].txt - [886 bytes] ##########
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Eva1 (administrator) on EVA (01-09-2015 09:39:56)
Running from C:\Users\Eva1\Desktop\Malware protection
Loaded Profiles: Eva1 (Available Profiles: Eva1)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Eva1\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3245832 2014-07-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [828952 2015-08-20] (Webroot)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-26] (Electronic Arts)
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [Spotify] => C:\Users\Eva1\AppData\Roaming\Spotify\Spotify.exe [7389752 2015-08-25] (Spotify Ltd)
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1341192 2015-05-20] (Bogdan Sharkov)
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [Spotify Web Helper] => C:\Users\Eva1\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-25] (Spotify Ltd)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
Startup: C:\Users\Eva1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-06-29]
ShortcutTarget: Curse.lnk -> C:\Users\Eva1\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4DA66220-9C74-4A2A-9E79-7713AAE4CDE4}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-183226619-428685392-4017880705-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2015-07-20] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll [2015-07-20] (Webroot)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-28] (Oracle Corporation)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2015-07-20] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2015-07-20] (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-28] (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2015-07-20] (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2015-07-20] (Webroot)
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Firefox\Extensions: [ninjaloader@mail.com] - C:\Program Files (x86)\Ninja Loader\FireFox
 
Chrome: 
=======
CHR Profile: C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-08-31]
CHR Extension: (Adblock Plus) - C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-20]
CHR HKLM-x32\...\Chrome\Extension: [cmlhbjpgeogifjnmlajdaealbdlfonah] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.1.0.59.crx [2015-07-20]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2015-07-20]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 DriverMFTService; C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe [9728 2014-10-29] (ASUSTek Computer Inc.) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-07-14] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-11-04] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-03-06] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [828952 2015-08-20] (Webroot)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-08-26] ()
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [225008 2014-11-04] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79528 2014-10-15] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3482600 2014-11-17] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2014-12-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-08-26] ()
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117792 2015-08-20] (Webroot)
S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [41040 2015-07-20] (Webroot)
U0 msahci; system32\drivers\msahci.sys [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-01 08:19 - 2015-09-01 08:19 - 00001036 _____ C:\Users\Eva1\Desktop\mlw.txt
2015-09-01 08:18 - 2015-09-01 08:18 - 00001038 _____ C:\malw1.txt
2015-08-31 12:16 - 2015-09-01 09:39 - 00000000 ____D C:\FRST
2015-08-30 12:09 - 2015-08-30 14:22 - 00000000 ____D C:\Users\Eva1\Downloads\YanSimAugust26th
2015-08-30 12:02 - 2015-08-30 12:08 - 501221923 _____ C:\Users\Eva1\Downloads\YanSimAugust26th.rar
2015-08-30 10:20 - 2015-08-30 10:20 - 00001282 _____ C:\Users\Eva1\Desktop\Revo Uninstaller.lnk
2015-08-30 10:20 - 2015-08-30 10:20 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-29 08:10 - 2015-08-29 08:10 - 11185062 _____ C:\Users\Eva1\Downloads\Modern+HD+1.5.zip
2015-08-27 09:49 - 2015-08-30 10:06 - 00002188 _____ C:\Users\Eva1\Desktop\Rkill.txt
2015-08-27 09:16 - 2015-08-27 09:16 - 00000872 _____ C:\Users\Eva1\AppData\Local\recently-used.xbel
2015-08-27 09:16 - 2015-08-27 09:16 - 00000000 ____D C:\Users\Eva1\.thumbnails
2015-08-27 09:13 - 2015-08-29 18:11 - 00000000 ____D C:\Users\Eva1\.gimp-2.8
2015-08-27 09:13 - 2015-08-27 09:13 - 00000000 ____D C:\Users\Eva1\AppData\Local\gegl-0.2
2015-08-27 09:05 - 2015-08-27 09:05 - 00000912 _____ C:\Users\Eva1\Desktop\GIMP 2.lnk
2015-08-27 09:04 - 2015-08-27 09:05 - 00000000 ____D C:\Program Files\GIMP 2
2015-08-27 09:03 - 2015-08-27 09:03 - 91931728 _____ (The GIMP Team ) C:\Users\Eva1\Downloads\gimp-2.8.14-setup-1.exe
2015-08-27 09:03 - 2015-08-27 09:03 - 25424256 _____ ( ) C:\Users\Eva1\Downloads\gimp-help-2-2.8.1-en-setup.exe
2015-08-26 17:55 - 2015-08-26 17:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-26 17:55 - 2015-08-26 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-26 14:36 - 2015-08-26 14:37 - 00000000 ____D C:\EEK
2015-08-26 14:11 - 2015-08-26 14:33 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-26 14:11 - 2015-08-26 14:11 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-08-26 14:02 - 2015-08-26 14:02 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-08-26 14:01 - 2015-08-26 14:01 - 00022524 _____ C:\Windows\system32\.crusader
2015-08-26 13:49 - 2015-08-26 14:01 - 00000000 ____D C:\ProgramData\HitmanPro
2015-08-26 13:45 - 2015-09-01 09:35 - 00000164 _____ C:\Users\Eva1\AppData\Roaming\sp_data.sys
2015-08-26 13:25 - 2015-08-26 12:34 - 01798560 _____ (Malwarebytes Corporation) C:\Users\Eva1\Desktop\JRT.exe
2015-08-26 11:45 - 2015-09-01 09:39 - 00000000 ____D C:\Users\Eva1\Desktop\Malware protection
2015-08-26 10:52 - 2015-08-26 10:52 - 00000321 _____ C:\Windows\ads.js
2015-08-26 10:52 - 2015-08-26 10:52 - 00000136 _____ C:\Windows\version.ini
2015-08-26 10:08 - 2015-09-01 07:41 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-26 10:08 - 2015-08-26 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-26 10:08 - 2015-08-26 11:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-26 10:08 - 2015-08-26 10:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-26 10:08 - 2015-06-18 08:52 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-26 10:08 - 2015-06-18 08:52 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-26 10:08 - 2015-06-18 08:52 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-26 09:26 - 2015-09-01 09:31 - 00000000 ____D C:\AdwCleaner
2015-08-26 09:08 - 2015-08-26 09:08 - 00000000 ____D C:\ProgramData\ASUS
2015-08-19 22:49 - 2015-08-10 20:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 22:49 - 2015-08-10 19:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 15:50 - 2015-08-17 15:50 - 00000222 _____ C:\Users\Eva1\Desktop\Fortress Forever.url
2015-08-17 15:36 - 2015-08-17 15:36 - 00000220 _____ C:\Users\Eva1\Desktop\The Ship.url
2015-08-17 15:36 - 2015-08-17 15:36 - 00000220 _____ C:\Users\Eva1\Desktop\The Ship Tutorial.url
2015-08-17 15:36 - 2015-08-17 15:36 - 00000220 _____ C:\Users\Eva1\Desktop\The Ship Single Player.url
2015-08-16 10:46 - 2015-08-16 10:46 - 00000222 _____ C:\Users\Eva1\Desktop\Foul Play.url
2015-08-12 22:27 - 2015-07-30 09:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:27 - 2015-07-30 08:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:14 - 2015-07-18 20:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 11:14 - 2015-07-18 13:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 11:14 - 2015-07-18 13:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 11:14 - 2015-07-18 13:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 11:14 - 2015-07-18 13:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 11:14 - 2015-07-18 13:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 11:14 - 2015-07-18 13:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 11:14 - 2015-07-18 13:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 11:14 - 2015-07-18 13:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 11:14 - 2015-07-18 13:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 11:14 - 2015-07-18 13:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 11:14 - 2015-07-18 13:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 11:13 - 2015-06-09 13:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 11:12 - 2015-07-16 15:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 11:12 - 2015-07-16 15:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 11:12 - 2015-07-16 15:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 11:12 - 2015-07-16 15:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 11:12 - 2015-07-16 15:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 11:12 - 2015-07-16 15:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 11:12 - 2015-07-16 14:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 11:12 - 2015-07-16 14:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 11:12 - 2015-07-16 14:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 11:12 - 2015-07-16 14:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 11:12 - 2015-07-16 14:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 11:12 - 2015-07-16 14:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 11:12 - 2015-07-16 14:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 11:12 - 2015-07-16 14:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 11:12 - 2015-07-16 14:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 11:12 - 2015-07-16 14:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 11:12 - 2015-07-16 14:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 11:12 - 2015-07-16 14:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 11:12 - 2015-07-16 14:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 11:12 - 2015-07-16 14:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 11:12 - 2015-07-16 14:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 11:12 - 2015-07-16 14:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 11:12 - 2015-07-16 14:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 11:12 - 2015-07-16 14:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 11:12 - 2015-07-16 13:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 11:12 - 2015-07-16 13:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 11:12 - 2015-07-16 13:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 11:12 - 2015-07-16 13:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 11:12 - 2015-07-16 13:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 11:11 - 2015-07-28 18:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:11 - 2015-07-28 09:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:11 - 2015-07-15 19:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 11:11 - 2015-07-15 19:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 11:11 - 2015-07-15 19:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 11:11 - 2015-07-15 19:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 11:11 - 2015-07-10 12:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 11:11 - 2015-07-07 04:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 11:11 - 2015-07-07 04:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 11:11 - 2015-07-07 04:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 11:11 - 2015-07-01 17:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 11:11 - 2015-07-01 17:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 11:11 - 2015-07-01 16:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 11:11 - 2015-07-01 16:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 11:11 - 2015-06-12 12:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 11:11 - 2015-06-12 11:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 11:10 - 2015-07-29 09:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 11:10 - 2015-07-29 09:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 11:10 - 2015-07-29 09:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 11:10 - 2015-07-24 13:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 11:10 - 2015-07-24 13:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 11:10 - 2015-07-24 13:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 11:10 - 2015-07-24 12:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 11:10 - 2015-07-24 12:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 11:10 - 2015-07-14 16:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 11:10 - 2015-07-14 16:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 11:10 - 2015-07-14 16:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 11:10 - 2015-07-13 22:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 11:10 - 2015-07-13 22:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 11:10 - 2015-07-13 14:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 11:10 - 2015-07-13 14:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 11:10 - 2015-07-10 13:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 11:10 - 2015-07-10 12:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 11:10 - 2015-07-10 12:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 11:10 - 2015-07-10 12:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 11:10 - 2015-07-10 11:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 11:10 - 2015-07-10 11:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 11:10 - 2015-07-09 12:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 11:10 - 2015-07-09 12:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 11:10 - 2015-07-09 11:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 11:10 - 2015-06-11 15:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 11:10 - 2015-06-11 15:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 11:10 - 2015-05-11 19:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-09 23:37 - 2015-08-09 23:37 - 00001328 _____ C:\Users\Public\Desktop\Façade.lnk
2015-08-09 23:37 - 2015-08-09 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Façade
2015-08-09 23:35 - 2015-08-09 23:37 - 00000000 ____D C:\Program Files (x86)\Facade
2015-08-06 15:04 - 2015-08-09 12:57 - 00000000 ____D C:\Users\Eva1\Downloads\Incompetech
2015-08-03 15:13 - 2015-08-03 15:53 - 00000000 ____D C:\Users\Eva1\AppData\Local\Game Dev Tycoon - Steam
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-01 09:39 - 2015-05-23 14:29 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-183226619-428685392-4017880705-1001
2015-09-01 09:35 - 2015-05-23 15:54 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-01 09:35 - 2015-05-23 14:44 - 00000000 ____D C:\Users\Eva1\OneDrive
2015-09-01 09:34 - 2015-02-03 03:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-01 09:32 - 2015-07-20 16:58 - 00000761 _____ C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2015-09-01 09:32 - 2015-02-03 03:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 09:32 - 2013-08-22 09:46 - 00031942 _____ C:\Windows\setupact.log
2015-09-01 09:32 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 09:31 - 2015-07-20 16:50 - 00000000 ____D C:\ProgramData\WRData
2015-09-01 09:31 - 2015-05-23 14:37 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\Skype
2015-09-01 09:31 - 2015-02-03 03:28 - 02081762 _____ C:\Windows\WindowsUpdate.log
2015-09-01 09:31 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-01 08:18 - 2015-05-23 15:54 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-01 07:43 - 2015-05-23 14:34 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA496CEC-08B9-4019-B1F2-7C15B6F3E1D1}
2015-08-31 22:04 - 2015-05-23 15:13 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\.minecraft
2015-08-31 20:19 - 2015-05-23 20:57 - 00000000 ____D C:\Users\Eva1\AppData\Local\Spotify
2015-08-31 19:13 - 2015-05-23 20:55 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\Spotify
2015-08-31 12:12 - 2015-05-23 15:04 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-08-31 12:12 - 2015-05-23 15:04 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-08-30 10:52 - 2014-03-18 04:54 - 00069254 _____ C:\Windows\PFRO.log
2015-08-30 09:55 - 2015-05-23 18:20 - 00000904 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-08-30 09:55 - 2015-05-23 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-08-30 09:55 - 2015-05-23 18:20 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2015-08-29 18:13 - 2015-05-23 15:54 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-29 18:13 - 2015-05-23 15:54 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 09:39 - 2015-07-13 22:30 - 00000000 ____D C:\Users\Eva1\Downloads\Quotev
2015-08-29 07:49 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-27 09:42 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Camera
2015-08-27 09:16 - 2015-05-23 14:23 - 00000000 ____D C:\Users\Eva1
2015-08-27 09:07 - 2015-07-20 16:34 - 00000000 ____D C:\Program Files (x86)\16517ABC-1437428086-3F45-B01D-2CC53564FAC8
2015-08-26 19:27 - 2015-06-26 00:57 - 00000000 ____D C:\Users\Eva1\Downloads\Minecraft
2015-08-26 17:55 - 2014-09-24 10:40 - 00000000 ____D C:\ProgramData\Skype
2015-08-26 17:07 - 2015-05-23 14:23 - 00001444 _____ C:\Users\Eva1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-26 11:19 - 2015-05-23 14:23 - 00000000 ____D C:\Users\Eva1\AppData\Local\Packages
2015-08-26 11:09 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\L2Schemas
2015-08-26 11:08 - 2015-07-20 16:37 - 00000000 ____D C:\Program Files (x86)\1cf83d29-e727-4733-b007-80abedcf81f9
2015-08-26 09:30 - 2015-05-23 21:08 - 00000000 ____D C:\ProgramData\Origin
2015-08-26 09:28 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-26 09:14 - 2015-06-29 23:27 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\Curse Client
2015-08-26 09:14 - 2014-03-18 05:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-23 12:06 - 2015-05-24 10:40 - 00491008 ___SH C:\Users\Eva1\Downloads\Thumbs.db
2015-08-22 17:00 - 2015-06-24 10:41 - 04730416 _____ () C:\Users\Eva1\Desktop\TechnicLauncher.exe
2015-08-22 17:00 - 2015-06-24 10:41 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\.technic
2015-08-20 11:09 - 2015-07-20 16:58 - 00168720 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-08-20 11:09 - 2015-07-20 16:58 - 00117792 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-08-20 11:09 - 2015-07-20 16:58 - 00106944 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-08-19 22:51 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-16 21:57 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\rescache
2015-08-15 18:57 - 2015-06-14 11:16 - 00000000 ____D C:\Users\Eva1\Downloads\TF2
2015-08-14 22:48 - 2013-08-22 09:44 - 00337808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-14 22:46 - 2015-05-29 07:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-14 22:46 - 2015-05-29 07:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-14 22:46 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 22:46 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 22:46 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 22:46 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 22:25 - 2015-05-26 16:46 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 22:07 - 2015-05-26 16:46 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 22:05 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 22:05 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 12:50 - 2015-05-25 07:50 - 00185045 _____ C:\Windows\DirectX.log
2015-08-10 12:50 - 2015-05-24 22:56 - 00000000 ____D C:\Users\Eva1\Documents\my games
2015-08-08 08:55 - 2015-05-29 07:45 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 08:55 - 2015-05-29 07:45 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 15:51 - 2015-05-23 23:39 - 00001364 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2015-08-06 12:48 - 2014-09-24 10:52 - 00000000 ____D C:\Windows\Panther
2015-08-06 12:37 - 2015-07-10 08:39 - 00000000 ___HD C:\$Windows.~BT
 
==================== Files in the root of some directories =======
 
2015-04-19 07:20 - 2015-04-19 07:20 - 0005872 _____ () C:\Users\Eva1\AppData\Roaming\oVCaI23YgUHDWLDrYd
2015-08-26 13:45 - 2015-09-01 09:35 - 0000164 _____ () C:\Users\Eva1\AppData\Roaming\sp_data.sys
2015-08-27 09:16 - 2015-08-27 09:16 - 0000872 _____ () C:\Users\Eva1\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
C:\Users\Eva1\AppData\Local\Temp\4c2459bebc146bfd821d90e28a2411ab.dll
C:\Users\Eva1\AppData\Local\Temp\c84c099aca2e9c03280e60b545ac3c02.dll
C:\Users\Eva1\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Eva1\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Eva1\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Eva1\AppData\Local\Temp\Nexus Mod Manager-0.56.1.exe
C:\Users\Eva1\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Eva1\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2015-05-25 12:20] - [2015-07-20 16:48] - 0657920 ____A (Microsoft Corporation) 8144B6136A83BDC5D70FAA2A6D726049
 
C:\Windows\SysWOW64\dnsapi.dll
[2015-05-25 12:20] - [2015-07-20 16:48] - 0498688 ____A (Microsoft Corporation) A2B1D4C7F59AE928B042A098BAFF8914
 
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-26 10:31
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Eva1 (2015-09-01 09:41:57)
Running from C:\Users\Eva1\Desktop\Malware protection
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-183226619-428685392-4017880705-500 - Administrator - Disabled)
Eva1 (S-1-5-21-183226619-428685392-4017880705-1001 - Administrator - Enabled) => C:\Users\Eva1
Guest (S-1-5-21-183226619-428685392-4017880705-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-183226619-428685392-4017880705-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 (HKLM\...\UDK-4c59dd62-c9f7-4aae-bb8c-e2a515e163c3) (Version:  - RuneStorm
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.5 - ASUS)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Cthulhu Saves the World  (HKLM-x32\...\Steam App 107310) (Version:  - Zeboyd Games)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
Deathmatch Classic (HKLM-x32\...\Steam App 40) (Version:  - Valve)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ELAN Touchpad 11.5.15.5_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.15.5 - ELAN Microelectronic Corp.)
Façade (HKLM-x32\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Fortress Forever (HKLM-x32\...\Steam App 253530) (Version:  - Fortress Forever Development Team)
Foul Play (HKLM-x32\...\Steam App 244810) (Version:  - Mediatonic)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Gone Home (HKLM-x32\...\Steam App 232430) (Version:  - The Fullbright Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Grimm (HKLM-x32\...\Steam App 252150) (Version:  - Spicyhorse Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version:  - Valve)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{915DDCDE-7767-4B4A-9256-8729B265BDAC}) (Version: 17.1.1440.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version:  - Necrophone Games)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Maxx Audio Installer (x64) (Version: 1.6.4882.94 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.56.1 - Black Tree Gaming)
NVIDIA 3D Vision Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 345.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 345.05 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version:  - Prism Studios)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7427 - Realtek Semiconductor Corp.)
Resource Hacker Version 4.2.4 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version:  - Lab Zero Games)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Spotify (HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version:  - Valve)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Jackbox Party Pack (HKLM-x32\...\Steam App 331670) (Version:  - Jackbox Games, Inc.)
The Knobbly Crook: Chapter I - The Horse You Sailed In On (HKLM-x32\...\Steam App 378300) (Version:  - Gnarled Scar Manipulations)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version:  - Outerlight)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.10.57.1020 - Electronic Arts Inc.)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - Mike Bithell)
Thunderbolt™ Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel® Corporation)
Toribash (HKLM-x32\...\Steam App 248570) (Version:  - Nabi Studios)
Town of Salem (HKLM-x32\...\Steam App 334230) (Version:  - BlankMediaGames)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Unreal Development Kit: 2012-07 (HKLM\...\UDK-de77dda8-8f7a-45c5-8899-bf7607f17042) (Version:  - Epic Games, Inc.)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: alpha v0.25
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version:  - RuneStorm)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.2.21 - Webroot)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
19-08-2015 22:46:28 Windows Update
26-08-2015 09:14:40 JRT Pre-Junkware Removal
30-08-2015 10:32:20 Revo Uninstaller's restore point - Foxit PhantomPDF
30-08-2015 10:33:19 Removed Foxit PhantomPDF
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02082602-0381-4970-8481-77B94999604E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {14139AE9-351E-471B-BBF9-73EF1FAEEC19} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {1F9270BE-06C3-457B-AFF1-E633D2F7AC63} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {28720781-AEAC-4C9C-996D-FD47FE06E261} - System32\Tasks\{3555BA93-CEB4-49EA-90E0-314534497BAC} => Chrome.exe http://ui.skype.com/ui/0/7.6.85.105/en/abandoninstall?page=tsProgressBar
Task: {2FBB3E3C-5EB2-4E12-A875-C0F824EBEBF5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-23] (Google Inc.)
Task: {389B817C-34EF-478E-953D-F5809956F984} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {48D47CD5-DE07-4079-AC54-BC79BF0E39A1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {53B64512-A8C7-40BE-9A4D-05F6182AAD94} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-04] (Realtek Semiconductor)
Task: {556CACD7-3294-4C4F-8164-B1F856CA33BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-23] (Google Inc.)
Task: {557DBB25-37D4-4018-A506-747D37A9E72B} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {610391EB-A0AB-445C-9B5F-8AE556CB1A21} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {69155D95-B408-475E-9E83-267CE96CDB69} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {8EF6E551-3F85-4711-920F-81BC8E63ADD4} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {93D7C98C-A126-421D-8D97-049D934682B7} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {9811A538-389B-42B7-BE05-8FF1AC0F39DC} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {A4C19B2D-3844-44CF-802D-F410BB58B3F1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-13] (Realtek Semiconductor)
Task: {A631AE03-2BD5-4503-9CB4-DAE69280F96C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {ACBF8901-CD8C-4795-99C7-50B56E29EF26} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {AD661C8E-5533-4916-99D6-9B761E6FAF9F} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe [2014-10-03] (ASUSTek Computer Inc.)
Task: {BE7E5DE5-06A0-43C2-9A4D-C8B3E73D15C3} - \Jarmeee -> No File <==== ATTENTION
Task: {DC656388-70EC-4F0E-B08E-90F3D63435FE} - System32\Tasks\PaintTool SAI => C:\Users\Eva1\AppData\Local\Temp\is-8E87F.tmp\prsetup.exe <==== ATTENTION
Task: {E02D37DF-DF75-4CF2-B3F2-D8165F5C0673} - System32\Tasks\{AC656D60-2AAC-46C9-A9AD-999BC2AF4C84} => Chrome.exe http://ui.skype.com/ui/0/7.6.85.105/en/abandoninstall?page=tsProgressBar
Task: {EA553E67-2CB0-4AC9-8814-149204C34124} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {EEE2774E-B1BD-44A3-B64E-58959E0E8867} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-02-03 03:28 - 2014-12-24 05:38 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-03 03:49 - 2013-05-15 17:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2014-11-05 15:44 - 2014-11-05 15:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-05 15:44 - 2014-11-05 15:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-08-15 11:39 - 2015-07-03 11:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-15 11:39 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-15 11:39 - 2015-08-19 15:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-15 11:39 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-15 11:39 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-15 11:39 - 2015-08-19 15:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 17:22 - 2015-07-26 20:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-05-23 15:13 - 2015-07-03 11:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-03 03:34 - 2013-10-23 16:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-08-22 11:14 - 2015-08-18 00:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 11:14 - 2015-08-18 00:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
2015-08-22 11:14 - 2015-08-18 00:23 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Eva1\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\exefile: "%1" %* <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eva1\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Install Webroot IE RunOnce.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Install Webroot FF RunOnce.lnk"
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\StartupApproved\Run: => "Spotify"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CDEF66B8-5ED7-4CA9-A001-4728EB4B600B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B9C41747-BEC3-4F44-B0DC-A7B21A476E10}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C4580C28-6C02-4D27-AD69-2DDF5402A056}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6720FD60-6AEE-4597-8B5C-6178B4D3396D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F61A0843-E8EC-4C3D-A043-C41AA1497A86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D198CA00-DAE6-4E7B-892C-8683B664CBBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9506CF7B-D47F-48D9-BFFB-21E40F43B1B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7F12DAAC-5B17-4FF9-BABD-0D93CEDA382D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E1D967AD-75C6-4C66-9C03-BF42AB770D5E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{58996C60-35C3-4F75-B027-685ADEEB2371}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E96ED93F-35DD-4698-B987-E40DED1B2E6A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ACCCCCED-BA87-40D1-ACBF-C14826C78563}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A3C92D21-0136-4F80-8C47-07A186485AEF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AAA253D9-35C8-41E0-BAF5-5E98F0C37F95}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{55B342C8-CD9D-4507-999B-20D3267EAFF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AF794D4F-62B9-4142-87FC-19CA1EBF01EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{BA74F3D7-D7E1-460E-8740-8E91F7CFB7C9}C:\users\eva1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eva1\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{402C01E3-64FE-4DC1-8444-7A8250E04CCC}C:\users\eva1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eva1\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FC123161-69CE-4B94-9789-97193F707210}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{78FF433B-B3BB-4DC9-ADBD-EE5D349BC56C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{6F72A4E5-3400-4E8C-941D-912B4C9CE988}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{E6BEC7B6-BA40-4ECA-91D5-B04C9DB052B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{80B7D001-E0B8-4253-ABBF-4653C6A95245}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{942FB832-E89B-404E-92BB-8818420ED2B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{044877D0-2174-445E-A3EB-73FBE631A89C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C5D7C70A-72B7-44BE-9F4D-7F5539BE30D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{9A84FB84-4C32-47FB-8784-A32F68F0AA06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{58B82535-8F49-4808-A46D-630EE71F0B4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E428C3F6-B180-4255-A7DA-4A2643F012E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C36EC88F-30A4-43A8-AC5B-B5A5D851B1EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{CB99C743-7916-4BE0-A0D4-9E6DA7946B77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{6965E5D6-3AB3-47FE-9108-3C32C7EE83F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{27C81F8B-D179-4AF6-BCD4-C59FC51DE0F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{3D3306EF-A8B5-452A-B4BA-A2923B32377E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{66432A23-622A-40F5-B25A-F51D60D8967C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{32B57D23-D05C-43AF-B92B-218FBC702E46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{7DAEDAE0-C48C-4327-BFD7-892A3602CEE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{ABF9BE92-0F22-4917-A59F-28DBA82BCBBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{514FF2B3-0D20-4C35-925C-5458B79052BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grimm\GrimmLauncher.exe
FirewallRules: [{3A4A4264-1929-4621-A42B-BAC140E14B7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grimm\GrimmLauncher.exe
FirewallRules: [{95AEABE9-81DA-4B90-B06B-9CEE2B020248}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{CB076EC7-9387-4F41-9E26-FB30E9501119}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{5454BC53-328C-498F-90A3-D63BDD1EA086}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E7833D5B-44D1-4AE3-A35B-E5B57A3C2FE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{20CDEEEE-50CF-45C8-878C-6FB9266A2C5A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{27929CD6-671A-4126-9590-163388365996}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35C99BE5-9324-4DDA-95EA-C4CE84F12739}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{625CAE75-E6DE-453B-B6B2-7D24C3AF64CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gone Home\GoneHome.exe
FirewallRules: [{781F2DA9-E8B3-4EEF-BE4D-65361139AD1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gone Home\GoneHome.exe
FirewallRules: [{7C434477-9DE9-4E51-B666-BC2F188DFE23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{ACD4681F-6418-4631-9469-177E387A22EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{D117E698-EE93-4FB6-B09F-64052BF90C03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{A8DDF19E-A879-4E1B-AF18-670A60175978}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{5F568822-7AC9-4394-BC61-06CD4027F04D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{26B05C2F-B14A-49F3-B985-1EBA46E9B744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{2F4327C2-C5AC-4CA4-9FCB-E4E800549DEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{AF33DE01-9B3F-43D9-A163-159A25C24C99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{F62B0F00-8AA4-4E4A-A687-9E0329DE9DD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{E14C9216-64E5-4A16-A7AB-821AF3FECF59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{169C349F-10BC-4E1D-87CB-5D6215906279}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\TJPP.exe
FirewallRules: [{86240759-6D79-4A4A-B15B-E89BF551329D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\TJPP.exe
FirewallRules: [{4208F0DD-34AF-4B47-B8BE-3197FE2BCFBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{CFD0D373-C1C3-4BE7-96B1-573E9A2DAD6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{A7F1F8D5-9985-4AEC-8FAB-756315865233}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{E6F937F8-9F76-4137-BC8B-E16C8255770C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{B45CF712-3F53-4CDB-B126-FE85FEA6E43E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{A8CB9243-BA0A-4D6B-843F-D247E3417EF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{3A2BE772-DD4C-4E7A-8DD4-D1192F04B10A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{9E0FDBCB-5F17-4B92-BB6D-7F0670B051DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{44098A9F-7684-4A24-A7EC-3B6383BBBB96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{4F045CD5-9F9B-444B-BF52-1732E81C9A56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{39C8F04D-BE88-4A8C-9C64-8189CE5C22BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C4516824-D807-4875-9E01-10D65E976D7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{66731978-F24C-4208-8276-DAA1F99E6915}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{18691012-3B79-4752-9D5C-7D7936C1A25B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{51E68E7C-1FA5-40FE-82D5-793FF23EBB08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{55758C83-43F0-4B83-9BC9-3DE954BF5B90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{05A81919-239A-4AA6-B0DB-1A2B1F6C60E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{525D1F74-E298-4540-91B1-AF2ECE4C8C5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D8A5A47E-7F14-43F7-B44F-3CD46457C9F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{B91A3FBE-7F12-4358-B805-EAB927963C77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{769526C1-0A3C-4DBB-9D28-E6A268EE4F25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Toribash\toribash.exe
FirewallRules: [{18E96472-0985-4C84-A454-DEB13F704BE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Toribash\toribash.exe
FirewallRules: [{737FDE88-C24A-4824-B709-AFE4B02BEEC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{321A4D6E-F60D-4236-809E-AE89375834D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{9EAF0EBF-F00D-463D-98E2-27D0FB7995E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{3B045D75-16CF-4741-BB3B-20E825E78DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [TCP Query User{5C8BD2DC-4958-4C79-AE76-1500EAEB273B}C:\users\eva1\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\eva1\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FFA6EE5C-DBDB-4A98-8339-2F67226E7C25}C:\users\eva1\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\eva1\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F6961718-4699-4E57-98CD-A2026D647844}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 1 Source Deathmatch\hl2.exe
FirewallRules: [{10972C3B-34A7-4386-BDE4-07A2BA54F12A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 1 Source Deathmatch\hl2.exe
FirewallRules: [{C2994B5C-02F9-48A5-A57D-718BEC141071}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{9AC460B5-D220-4918-8C58-2BD18E1D7809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{BB9F1637-A975-448C-807B-2F448F6F30C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{9862276B-CCA5-4713-A48B-466F43EEDACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [TCP Query User{D029FB3E-B007-4313-8774-46C6F124B123}C:\users\eva1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eva1\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3620364D-3A9A-4E92-B72E-38A5FD0ED67A}C:\users\eva1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eva1\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2C763634-45B0-46DB-809E-ED00E72BD404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{FE6EC5B5-CCE7-4DD8-BDB6-075347B256DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{5E8A8FD2-62AE-4F9E-9346-7DDF5EE35196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{B07D4E9C-ACFB-446D-BD4C-5EC9EBE2DE09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{56F5F78C-1FA4-4B10-9177-4C71B1384DB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{694744E3-0ECF-4AE9-B8C2-B4566AB9F9A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{F6F71A9C-32EF-4A21-8878-E07C959851E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{13847760-7424-4C21-A82E-E40F868A657D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{9C5A328F-C2F3-4700-BE82-87DB1BAB64AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{82384828-B2E0-4864-A4C1-8737DF2423A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{AFDAFC45-0D4D-4AD1-8160-2475F46B4B78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{5993F550-CF00-4E5B-8193-3D2D60332293}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{ED9D6A50-8CD7-44F9-A2BB-E6BE365BAC70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{5ADECC38-7EC5-4E2C-8997-F76B8FCB25F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{1A8CDF88-C7A2-4EAA-A8F8-AB0CBAF7F3BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8FD6F98B-1CE5-42C2-9009-0449E1CBE04E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{3B773C0F-FD16-48B2-82B8-CE5F02E64D98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{F9905EE5-9D35-4B5E-BFF4-696BD94EAA76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{4C5B5E8A-2EA8-4773-9E7D-9F264DC11C5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Knobbly Crook Chapter I\Knobbly Crook.exe
FirewallRules: [{1D2AEA91-FA00-4240-B02E-9B02499688CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Knobbly Crook Chapter I\Knobbly Crook.exe
FirewallRules: [{76561660-38BC-450A-AF84-80425542C38F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{BD5912BA-7A72-4A71-B305-8D5CE8B3914B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{813AE7ED-AA9F-4087-85F9-8077AE3F002E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{339A33A2-4648-4057-B573-E22F338F2B98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{F7A93F7E-D45A-4556-8DCF-2C488346121F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{D2B5A3CB-E0CE-4F22-AB54-632225E6797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{AE5F84B7-6EFA-49CB-91C0-BA5EC2FBA0FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cthulhu Saves the World\CSTW.exe
FirewallRules: [{4022003B-3C1D-4EB0-B1EB-021899694A31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cthulhu Saves the World\CSTW.exe
FirewallRules: [{3BCF359A-BFFC-4FC6-AB36-EE97B52B382A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{23C48E2E-F8E5-4426-A51B-A92B315F7A8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{B0F55738-C0A4-4FB5-A015-B22EAA56CD33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{DF5CF05D-E405-4E6E-9650-02FBC1E9FBDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{FCD36B39-1096-4474-8F7B-01EE77D91195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{F431A6A1-A972-4BC5-A3E4-D6653423F26C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{28F49838-FFDC-455E-A454-C728C4C42756}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{3D840790-77E7-464F-A6AA-9AFB60470C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{781C5A13-5BE5-4134-A39A-9C3889CAB921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{E70D4B2F-DF4C-4A1F-BDD1-D6B70E3EF992}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{50F74597-77C8-4F0F-8D7E-76D0E03AB9A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{3A3C443E-F421-4191-BCC9-C2CC03060A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{6AFA98D9-3234-4191-A8E1-15281AE56246}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{4668C56E-7CD9-477D-BD17-A7A979B504D4}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{16DD7307-E643-41A4-B709-12ECA5EA7235}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{6FD2594F-9D8A-4B8C-822B-A729A6237391}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{BA7E428E-A142-439E-89BC-3EC5ADA037BD}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{15F7E1F4-EC30-49FF-9E15-541C26412886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{94D0D2CC-7BE2-4A2C-94EC-A95B648318C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{F53C491E-A169-47E6-8AA6-76BEA81E196C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{E721A3B4-69F3-4857-9E29-2840B96CCB36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{707D2985-BF74-431D-AF75-17E65B667FE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{D0552C38-E746-49E7-A8FC-16ED93691D2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{4441EF44-89F7-4D30-9BCD-1ECFF29CAA40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{7BC86F89-8873-423D-BC70-ECD25F8062F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{F9B3DF51-2D06-4A7D-8C00-C9E1D63BE600}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AVA\NWZLauncher.exe
FirewallRules: [{EBAA1674-97DD-4F79-9644-8CFC42A8AEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AVA\NWZLauncher.exe
FirewallRules: [{22C66F34-2321-4735-B6FA-8A0BA7AD00F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{17250F3A-655B-4BE2-BCF8-8DD3C0508882}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{BFDD3F68-CCEF-4CA5-A68C-3BD6B37CFF99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{4380E5EC-03D0-40B9-B29C-AB91BA0713D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{AE99BB6C-32CA-4F3E-B476-0773DAF45CD5}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{DAC1C173-9F16-4CBE-8A49-5E45B4BC0FDB}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{58D73118-92FB-4CE9-A63C-5709081FA73D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1F1E8118-A04E-4306-A3D9-9C6811205A99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1B2E9B6D-6986-49EC-92F2-28F3B145FA10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3B310265-690E-4951-B7BD-BBEDA5BA7CFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{FA97F89E-5ACD-4753-ACDB-46779533A114}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{384CBDCD-4A6C-4FB7-8A9C-4A072791A864}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{06DBBCDC-FB60-4542-8B37-CEFB0C70AD8A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{9A02A102-039F-4E6F-8FBF-86893342B061}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{640A0816-B532-44BA-BA25-3909A4262A6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F93E3735-F788-4D81-8314-479B305C8BC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0D1EA6BF-1778-4AC6-8D37-12593883E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foul Play\foul_play.exe
FirewallRules: [{2467D6BF-F2D2-4A94-96A0-BDD484BE8435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foul Play\foul_play.exe
FirewallRules: [{0C2DF745-47AD-49A3-B8EE-1CAD1BC506A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{19641E65-6B94-4C1D-B94F-7AF0CCBEDF60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{9599A07A-B988-4352-98B5-016F89E68015}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fortress Forever\hl2.exe
FirewallRules: [{B30F5A5E-6F9B-4633-9C7D-60FC5E88013F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fortress Forever\hl2.exe
FirewallRules: [{FB29C4A4-CCB6-439C-9C6A-4C46B8C99857}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{9C61AE23-A28A-4D0E-8930-4EF81837B5FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{264D92E2-FC30-4EC9-954E-37E28B01DEE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{D5A71137-D02D-4580-AFCF-0FBAE2D3362C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{094E85E8-99B1-44EF-B14F-471D92E2AAEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Tutorial\ship.exe
FirewallRules: [{8A6F5CB7-E31A-4795-A531-643674037D7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Tutorial\ship.exe
FirewallRules: [{A8C9597D-D003-46A3-8969-0DCFCFA8D5E2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{818F0A98-A4BB-4915-AB88-B77B4A23B351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{AB67DC12-858B-4AED-B9FF-82BF6C3EE6F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{48C42461-3777-4208-A9BA-C79CF895EB1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{F6CC0819-8D9C-4C9E-9ECB-F043C30960D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{3B069340-8E34-4BBD-BE93-8ACB8591FA2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{D9C4B3A9-F1D8-415F-83FF-9EE3398F6ABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [TCP Query User{3E4B68D0-5BA4-4690-8DBB-B3C14F320DF3}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{DD795D2C-C175-4A33-8B87-CD05236EA2C6}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{606BB733-24AE-447A-9B23-682CE64D3B51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{60B1051E-076A-4498-AFCD-B56A4C24EE1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Eva-2.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.158:5353   11 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Eva.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 6.3.6.6.D.9.6.8.C.E.7.0.D.8.1.5.0.F.A.1.5.A.F.C.4.0.3.0.2.0.6.2.ip6.arpa. PTR Eva-2.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.158:5353   11 6.3.6.6.D.9.6.8.C.E.7.0.D.8.1.5.0.F.A.1.5.A.F.C.4.0.3.0.2.0.6.2.ip6.arpa. PTR Eva.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.F.A.1.5.A.F.C.4.0.3.0.2.0.6.2.ip6.arpa. PTR Eva-2.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.158:5353   11 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.F.A.1.5.A.F.C.4.0.3.0.2.0.6.2.ip6.arpa. PTR Eva.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 158.1.168.192.in-addr.arpa. PTR Eva-2.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.158:5353   11 158.1.168.192.in-addr.arpa. PTR Eva.local.
 
Error: (09/01/2015 09:34:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Eva.local already in use; will try Eva-2.local instead
 
Error: (09/01/2015 09:34:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 Eva.local. AAAA 2602:0304:CFA5:1AF0:9115:62EB:DCF1:8D84
 
 
System errors:
=============
Error: (09/01/2015 09:31:50 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (09/01/2015 09:31:50 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (09/01/2015 09:31:43 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (09/01/2015 09:31:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/01/2015 09:31:34 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/01/2015 09:31:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (09/01/2015 09:31:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (09/01/2015 09:31:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/01/2015 09:31:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/01/2015 09:31:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office:
=========================
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Eva-2.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.158:5353   11 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Eva.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 6.3.6.6.D.9.6.8.C.E.7.0.D.8.1.5.0.F.A.1.5.A.F.C.4.0.3.0.2.0.6.2.ip6.arpa. PTR Eva-2.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.158:5353   11 6.3.6.6.D.9.6.8.C.E.7.0.D.8.1.5.0.F.A.1.5.A.F.C.4.0.3.0.2.0.6.2.ip6.arpa. PTR Eva.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.F.A.1.5.A.F.C.4.0.3.0.2.0.6.2.ip6.arpa. PTR Eva-2.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.158:5353   11 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.F.A.1.5.A.F.C.4.0.3.0.2.0.6.2.ip6.arpa. PTR Eva.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 158.1.168.192.in-addr.arpa. PTR Eva-2.local.
 
Error: (09/01/2015 09:34:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.158:5353   11 158.1.168.192.in-addr.arpa. PTR Eva.local.
 
Error: (09/01/2015 09:34:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Eva.local already in use; will try Eva-2.local instead
 
Error: (09/01/2015 09:34:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 Eva.local. AAAA 2602:0304:CFA5:1AF0:9115:62EB:DCF1:8D84
 
 
CodeIntegrity:
===================================
  Date: 2015-07-13 23:33:33.579
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-13 23:33:33.003
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4720HQ CPU @ 2.60GHz
Percentage of memory in use: 21%
Total physical RAM: 8141.18 MB
Available physical RAM: 6391.76 MB
Total Virtual: 9421.18 MB
Available Virtual: 7474.91 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:915.4 GB) (Free:424.49 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1AD69020)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 PM

Posted 01 September 2015 - 01:16 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

frst.pngfrstfix.png

Press the w8.png + R on your keyboard at the same time. Type notepad and click OK.
  • Copy the entire content of the codebox below and paste into the notepad document:
    CloseProcesses:
    FF HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Firefox\Extensions: [ninjaloader@mail.com] - C:\Program Files (x86)\Ninja Loader\FireFox
    Task: {BE7E5DE5-06A0-43C2-9A4D-C8B3E73D15C3} - \Jarmeee -> No File 
    Task: {DC656388-70EC-4F0E-B08E-90F3D63435FE} - System32\Tasks\PaintTool SAI => C:\Users\Eva1\AppData\Local\Temp\is-8E87F.tmp\prsetup.exe 
    HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* 
    HKU\.DEFAULT\Software\Classes\exefile: "%1" %* 
    HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* 
    HKU\S-1-5-19\Software\Classes\exefile: "%1" %* 
    HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* 
    HKU\S-1-5-20\Software\Classes\exefile: "%1" %* 
    HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\.exe: exefile => "%1" %* 
    HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\exefile: "%1" %* 
    Emptytemp:
    
  • Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.

Step 2

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed, click on Finish.
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.
esetlog.png

Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif

Edited by deeprybka, 01 September 2015 - 01:18 PM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 toggleon

toggleon
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 01 September 2015 - 10:12 PM

Hello Jurgen and thanks for your offer of assistance.

 

Here is the fixlog.txt from the FRST fix

 

Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Eva1 (2015-09-01 20:55:41) Run:1
Running from C:\Users\Eva1\Desktop\Malware protection
Loaded Profiles: Eva1 (Available Profiles: Eva1)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
FF HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Firefox\Extensions: [ninjaloader@mail.com] - C:\Program Files (x86)\Ninja Loader\FireFox
Task: {BE7E5DE5-06A0-43C2-9A4D-C8B3E73D15C3} - \Jarmeee -> No File 
Task: {DC656388-70EC-4F0E-B08E-90F3D63435FE} - System32\Tasks\PaintTool SAI => C:\Users\Eva1\AppData\Local\Temp\is-8E87F.tmp\prsetup.exe 
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* 
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* 
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* 
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* 
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* 
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* 
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\.exe: exefile => "%1" %* 
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\exefile: "%1" %* 
Emptytemp:
*****************
 
Processes closed successfully.
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Mozilla\Firefox\Extensions\\ninjaloader@mail.com => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE7E5DE5-06A0-43C2-9A4D-C8B3E73D15C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE7E5DE5-06A0-43C2-9A4D-C8B3E73D15C3}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jarmeee => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DC656388-70EC-4F0E-B08E-90F3D63435FE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC656388-70EC-4F0E-B08E-90F3D63435FE}" => key removed successfully
C:\Windows\System32\Tasks\PaintTool SAI => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PaintTool SAI" => key removed successfully
"HKU\.DEFAULT\Software\Classes\exefile" => key removed successfully
"HKU\.DEFAULT\Software\Classes\.exe" => key removed successfully
HKU\.DEFAULT\Software\Classes\exefile => key not found. 
"HKU\S-1-5-19\Software\Classes\exefile" => key removed successfully
"HKU\S-1-5-19\Software\Classes\.exe" => key removed successfully
HKU\S-1-5-19\Software\Classes\exefile => key not found. 
"HKU\S-1-5-20\Software\Classes\exefile" => key removed successfully
"HKU\S-1-5-20\Software\Classes\.exe" => key removed successfully
HKU\S-1-5-20\Software\Classes\exefile => key not found. 
"HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\exefile" => key removed successfully
"HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\.exe" => key removed successfully
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Classes\exefile => key not found. 
EmptyTemp: => 1.8 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 20:58:25 ====
 
I am still running the ESET scan and will post the results when it is completed. 


#4 toggleon

toggleon
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 02 September 2015 - 07:10 AM

And here is the ESET log

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1f5de1386ddd1c4b83ed9529b3aef5d7
# end=init
# utc_time=2015-09-02 02:05:40
# local_time=2015-09-01 09:05:40 (-0600, Central Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 25556
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1f5de1386ddd1c4b83ed9529b3aef5d7
# end=updated
# utc_time=2015-09-02 02:10:46
# local_time=2015-09-01 09:10:46 (-0600, Central Daylight Time)
# country="United States"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1f5de1386ddd1c4b83ed9529b3aef5d7
# engine=25556
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-09-02 12:06:58
# local_time=2015-09-02 07:06:58 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 663647 6178563 0 0
# compatibility_mode_1='Webroot SecureAnywhere'
# compatibility_mode=16130 16777213 85 100 187075 3679707 0 0
# scanned=664732
# found=1
# cleaned=0
# scan_time=35772
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I potentially unwanted application" ac=I fn="C:\Users\Eva1\AppData\Roaming\oVCaI23YgUHDWLDrYd"


#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 PM

Posted 02 September 2015 - 07:52 AM

Hi there,

 

Step 1

frst.pngfrstfix.png

Press the w8.png + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:
    C:\Users\Eva1\AppData\Roaming\oVCaI23YgUHDWLDrYd
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!


  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

 

Step 2

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

 


lesestoff.png

Can you please tell me which problems still persist now?


Edited by deeprybka, 02 September 2015 - 07:52 AM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 toggleon

toggleon
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 02 September 2015 - 08:02 AM

Here is the fixlog.txt

 

Fix result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Eva1 (2015-09-02 07:56:49) Run:2
Running from C:\Users\Eva1\Desktop\Malware protection
Loaded Profiles: Eva1 (Available Profiles: Eva1)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\Users\Eva1\AppData\Roaming\oVCaI23YgUHDWLDrYd
 
*****************
 
C:\Users\Eva1\AppData\Roaming\oVCaI23YgUHDWLDrYd => moved successfully
 
==== End of Fixlog 07:56:49 ====
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Eva1 (administrator) on EVA (02-09-2015 07:58:01)
Running from C:\Users\Eva1\Desktop\Malware protection
Loaded Profiles: Eva1 (Available Profiles: Eva1)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Eva1\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3245832 2014-07-14] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [ASUS ROG MacroKey] => C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe [2036224 2014-07-30] (ASUS)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [828952 2015-08-20] (Webroot)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-26] (Electronic Arts)
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [Spotify] => C:\Users\Eva1\AppData\Roaming\Spotify\Spotify.exe [7389752 2015-08-25] (Spotify Ltd)
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1341192 2015-05-20] (Bogdan Sharkov)
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Run: [Spotify Web Helper] => C:\Users\Eva1\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-25] (Spotify Ltd)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
Startup: C:\Users\Eva1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-06-29]
ShortcutTarget: Curse.lnk -> C:\Users\Eva1\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4DA66220-9C74-4A2A-9E79-7713AAE4CDE4}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-183226619-428685392-4017880705-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2015-07-20] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll [2015-07-20] (Webroot)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2015-07-20] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2015-07-20] (Webroot)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2015-07-20] (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2015-07-20] (Webroot)
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
 
Chrome: 
=======
CHR Profile: C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-08-31]
CHR Extension: (Adblock Plus) - C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eva1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-20]
CHR HKLM-x32\...\Chrome\Extension: [cmlhbjpgeogifjnmlajdaealbdlfonah] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.1.0.59.crx [2015-07-20]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2015-07-20]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 DriverMFTService; C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe [9728 2014-10-29] (ASUSTek Computer Inc.) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [102152 2014-07-14] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-11-04] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel® Corporation) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-03-06] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [828952 2015-08-20] (Webroot)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-08-26] ()
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [225008 2014-11-04] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79528 2014-10-15] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3482600 2014-11-17] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2014-12-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-08-26] ()
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117792 2015-08-20] (Webroot)
S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [41040 2015-07-20] (Webroot)
U0 msahci; system32\drivers\msahci.sys [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-01 21:05 - 2015-09-01 21:05 - 00000000 ____D C:\Program Files (x86)\ESET
2015-09-01 21:03 - 2015-09-01 21:03 - 02870984 _____ (ESET) C:\Users\Eva1\Downloads\esetsmartinstaller_enu.exe
2015-09-01 17:19 - 2015-09-01 09:00 - 00000000 ____D C:\Users\Eva1\Downloads\YanSimSeptember1st_Version2
2015-09-01 17:08 - 2015-09-01 17:15 - 505996275 _____ C:\Users\Eva1\Downloads\YanSimSeptember1st_Version2.rar
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\Sun
2015-09-01 09:50 - 2015-09-01 09:50 - 00000000 ____D C:\Users\Eva1\.oracle_jre_usage
2015-09-01 08:19 - 2015-09-01 08:19 - 00001036 _____ C:\Users\Eva1\Desktop\mlw.txt
2015-09-01 08:18 - 2015-09-01 08:18 - 00001038 _____ C:\malw1.txt
2015-08-31 12:16 - 2015-09-02 07:58 - 00000000 ____D C:\FRST
2015-08-30 12:09 - 2015-08-30 14:22 - 00000000 ____D C:\Users\Eva1\Downloads\YanSimAugust26th
2015-08-30 10:20 - 2015-08-30 10:20 - 00001282 _____ C:\Users\Eva1\Desktop\Revo Uninstaller.lnk
2015-08-30 10:20 - 2015-08-30 10:20 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-27 09:49 - 2015-08-30 10:06 - 00002188 _____ C:\Users\Eva1\Desktop\Rkill.txt
2015-08-27 09:16 - 2015-08-27 09:16 - 00000872 _____ C:\Users\Eva1\AppData\Local\recently-used.xbel
2015-08-27 09:16 - 2015-08-27 09:16 - 00000000 ____D C:\Users\Eva1\.thumbnails
2015-08-27 09:13 - 2015-08-29 18:11 - 00000000 ____D C:\Users\Eva1\.gimp-2.8
2015-08-27 09:13 - 2015-08-27 09:13 - 00000000 ____D C:\Users\Eva1\AppData\Local\gegl-0.2
2015-08-27 09:05 - 2015-08-27 09:05 - 00000912 _____ C:\Users\Eva1\Desktop\GIMP 2.lnk
2015-08-27 09:04 - 2015-08-27 09:05 - 00000000 ____D C:\Program Files\GIMP 2
2015-08-27 09:03 - 2015-08-27 09:03 - 91931728 _____ (The GIMP Team ) C:\Users\Eva1\Downloads\gimp-2.8.14-setup-1.exe
2015-08-27 09:03 - 2015-08-27 09:03 - 25424256 _____ ( ) C:\Users\Eva1\Downloads\gimp-help-2-2.8.1-en-setup.exe
2015-08-26 17:55 - 2015-08-26 17:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-26 17:55 - 2015-08-26 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-26 14:36 - 2015-08-26 14:37 - 00000000 ____D C:\EEK
2015-08-26 14:11 - 2015-08-26 14:33 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-26 14:11 - 2015-08-26 14:11 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-08-26 14:02 - 2015-08-26 14:02 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-08-26 14:01 - 2015-08-26 14:01 - 00022524 _____ C:\Windows\system32\.crusader
2015-08-26 13:49 - 2015-08-26 14:01 - 00000000 ____D C:\ProgramData\HitmanPro
2015-08-26 13:45 - 2015-09-02 04:28 - 00000164 _____ C:\Users\Eva1\AppData\Roaming\sp_data.sys
2015-08-26 13:25 - 2015-08-26 12:34 - 01798560 _____ (Malwarebytes Corporation) C:\Users\Eva1\Desktop\JRT.exe
2015-08-26 11:45 - 2015-09-02 07:56 - 00000000 ____D C:\Users\Eva1\Desktop\Malware protection
2015-08-26 10:52 - 2015-08-26 10:52 - 00000321 _____ C:\Windows\ads.js
2015-08-26 10:52 - 2015-08-26 10:52 - 00000136 _____ C:\Windows\version.ini
2015-08-26 10:08 - 2015-09-01 20:48 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-26 10:08 - 2015-08-26 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-26 10:08 - 2015-08-26 11:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-26 10:08 - 2015-08-26 10:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-26 10:08 - 2015-06-18 08:52 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-26 10:08 - 2015-06-18 08:52 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-26 10:08 - 2015-06-18 08:52 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-26 09:26 - 2015-09-01 09:31 - 00000000 ____D C:\AdwCleaner
2015-08-26 09:08 - 2015-08-26 09:08 - 00000000 ____D C:\ProgramData\ASUS
2015-08-19 22:49 - 2015-08-10 20:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 22:49 - 2015-08-10 19:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 15:50 - 2015-08-17 15:50 - 00000222 _____ C:\Users\Eva1\Desktop\Fortress Forever.url
2015-08-17 15:36 - 2015-08-17 15:36 - 00000220 _____ C:\Users\Eva1\Desktop\The Ship.url
2015-08-17 15:36 - 2015-08-17 15:36 - 00000220 _____ C:\Users\Eva1\Desktop\The Ship Tutorial.url
2015-08-17 15:36 - 2015-08-17 15:36 - 00000220 _____ C:\Users\Eva1\Desktop\The Ship Single Player.url
2015-08-16 10:46 - 2015-08-16 10:46 - 00000222 _____ C:\Users\Eva1\Desktop\Foul Play.url
2015-08-12 22:27 - 2015-07-30 09:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:27 - 2015-07-30 08:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:14 - 2015-07-18 20:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 11:14 - 2015-07-18 13:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 11:14 - 2015-07-18 13:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 11:14 - 2015-07-18 13:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 11:14 - 2015-07-18 13:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 11:14 - 2015-07-18 13:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 11:14 - 2015-07-18 13:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 11:14 - 2015-07-18 13:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 11:14 - 2015-07-18 13:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 11:14 - 2015-07-18 13:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 11:14 - 2015-07-18 13:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 11:14 - 2015-07-18 13:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 11:13 - 2015-06-09 13:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 11:12 - 2015-07-16 15:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 11:12 - 2015-07-16 15:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 11:12 - 2015-07-16 15:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 11:12 - 2015-07-16 15:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 11:12 - 2015-07-16 15:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 11:12 - 2015-07-16 15:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 11:12 - 2015-07-16 14:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 11:12 - 2015-07-16 14:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 11:12 - 2015-07-16 14:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 11:12 - 2015-07-16 14:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 11:12 - 2015-07-16 14:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 11:12 - 2015-07-16 14:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 11:12 - 2015-07-16 14:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 11:12 - 2015-07-16 14:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 11:12 - 2015-07-16 14:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 11:12 - 2015-07-16 14:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 11:12 - 2015-07-16 14:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 11:12 - 2015-07-16 14:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 11:12 - 2015-07-16 14:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 11:12 - 2015-07-16 14:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 11:12 - 2015-07-16 14:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 11:12 - 2015-07-16 14:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 11:12 - 2015-07-16 14:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 11:12 - 2015-07-16 14:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 11:12 - 2015-07-16 13:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 11:12 - 2015-07-16 13:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 11:12 - 2015-07-16 13:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 11:12 - 2015-07-16 13:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 11:12 - 2015-07-16 13:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 11:11 - 2015-07-28 18:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:11 - 2015-07-28 09:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:11 - 2015-07-28 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:11 - 2015-07-15 19:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 11:11 - 2015-07-15 19:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 11:11 - 2015-07-15 19:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 11:11 - 2015-07-15 19:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 11:11 - 2015-07-10 12:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 11:11 - 2015-07-07 04:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 11:11 - 2015-07-07 04:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 11:11 - 2015-07-07 04:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 11:11 - 2015-07-01 17:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 11:11 - 2015-07-01 17:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 11:11 - 2015-07-01 16:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 11:11 - 2015-07-01 16:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 11:11 - 2015-06-12 12:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 11:11 - 2015-06-12 11:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 11:10 - 2015-07-29 09:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 11:10 - 2015-07-29 09:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 11:10 - 2015-07-29 09:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 11:10 - 2015-07-24 13:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 11:10 - 2015-07-24 13:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 11:10 - 2015-07-24 13:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 11:10 - 2015-07-24 12:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 11:10 - 2015-07-24 12:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 11:10 - 2015-07-14 16:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 11:10 - 2015-07-14 16:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 11:10 - 2015-07-14 16:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 11:10 - 2015-07-13 22:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 11:10 - 2015-07-13 22:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 11:10 - 2015-07-13 14:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 11:10 - 2015-07-13 14:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 11:10 - 2015-07-10 13:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 11:10 - 2015-07-10 12:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 11:10 - 2015-07-10 12:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 11:10 - 2015-07-10 12:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 11:10 - 2015-07-10 11:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 11:10 - 2015-07-10 11:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 11:10 - 2015-07-09 12:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 11:10 - 2015-07-09 12:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 11:10 - 2015-07-09 11:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 11:10 - 2015-06-11 15:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 11:10 - 2015-06-11 15:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 11:10 - 2015-05-11 19:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-09 23:37 - 2015-08-09 23:37 - 00001328 _____ C:\Users\Public\Desktop\Façade.lnk
2015-08-09 23:37 - 2015-08-09 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Façade
2015-08-09 23:35 - 2015-08-09 23:37 - 00000000 ____D C:\Program Files (x86)\Facade
2015-08-06 15:04 - 2015-08-09 12:57 - 00000000 ____D C:\Users\Eva1\Downloads\Incompetech
2015-08-03 15:13 - 2015-08-03 15:53 - 00000000 ____D C:\Users\Eva1\AppData\Local\Game Dev Tycoon - Steam
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-02 07:18 - 2015-05-23 15:54 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-02 07:00 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-02 06:24 - 2015-05-23 14:34 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA496CEC-08B9-4019-B1F2-7C15B6F3E1D1}
2015-09-02 06:02 - 2015-02-03 03:28 - 01095454 _____ C:\Windows\WindowsUpdate.log
2015-09-01 22:19 - 2015-05-23 14:29 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-183226619-428685392-4017880705-1001
2015-09-01 21:02 - 2015-05-23 14:44 - 00000000 ____D C:\Users\Eva1\OneDrive
2015-09-01 21:00 - 2015-05-23 15:54 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-01 21:00 - 2015-02-03 03:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-01 20:59 - 2015-07-20 16:58 - 00000761 _____ C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2015-09-01 20:59 - 2015-02-03 03:28 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 20:59 - 2013-08-22 09:46 - 00032986 _____ C:\Windows\setupact.log
2015-09-01 20:59 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-01 20:56 - 2015-07-20 16:50 - 00000000 ____D C:\ProgramData\WRData
2015-09-01 20:46 - 2014-03-18 04:54 - 00070252 _____ C:\Windows\PFRO.log
2015-09-01 20:44 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\vpnplugins
2015-09-01 20:38 - 2015-05-23 14:37 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\Skype
2015-09-01 20:18 - 2015-05-23 15:13 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\.minecraft
2015-09-01 20:14 - 2015-05-23 20:57 - 00000000 ____D C:\Users\Eva1\AppData\Local\Spotify
2015-09-01 19:16 - 2015-05-23 20:55 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\Spotify
2015-09-01 16:11 - 2015-06-26 00:57 - 00000000 ____D C:\Users\Eva1\Downloads\Minecraft
2015-09-01 14:00 - 2015-05-23 15:04 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-09-01 14:00 - 2015-05-23 15:04 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-09-01 13:58 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-01 09:54 - 2015-06-23 19:28 - 00000000 ____D C:\ProgramData\Oracle
2015-09-01 09:51 - 2015-06-23 19:28 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-01 09:50 - 2015-06-23 19:29 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-09-01 09:50 - 2015-06-23 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-01 09:50 - 2015-05-23 14:23 - 00000000 ____D C:\Users\Eva1
2015-08-30 09:55 - 2015-05-23 18:20 - 00000904 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-08-30 09:55 - 2015-05-23 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-08-30 09:55 - 2015-05-23 18:20 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2015-08-29 18:13 - 2015-05-23 15:54 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-29 18:13 - 2015-05-23 15:54 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-29 09:39 - 2015-07-13 22:30 - 00000000 ____D C:\Users\Eva1\Downloads\Quotev
2015-08-29 07:49 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-27 09:42 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Camera
2015-08-27 09:07 - 2015-07-20 16:34 - 00000000 ____D C:\Program Files (x86)\16517ABC-1437428086-3F45-B01D-2CC53564FAC8
2015-08-26 17:55 - 2014-09-24 10:40 - 00000000 ____D C:\ProgramData\Skype
2015-08-26 17:07 - 2015-05-23 14:23 - 00001444 _____ C:\Users\Eva1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-26 11:19 - 2015-05-23 14:23 - 00000000 ____D C:\Users\Eva1\AppData\Local\Packages
2015-08-26 11:09 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\L2Schemas
2015-08-26 11:08 - 2015-07-20 16:37 - 00000000 ____D C:\Program Files (x86)\1cf83d29-e727-4733-b007-80abedcf81f9
2015-08-26 09:30 - 2015-05-23 21:08 - 00000000 ____D C:\ProgramData\Origin
2015-08-26 09:28 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-26 09:14 - 2015-06-29 23:27 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\Curse Client
2015-08-26 09:14 - 2014-03-18 05:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-23 12:06 - 2015-05-24 10:40 - 00491008 ___SH C:\Users\Eva1\Downloads\Thumbs.db
2015-08-22 17:00 - 2015-06-24 10:41 - 04730416 _____ () C:\Users\Eva1\Desktop\TechnicLauncher.exe
2015-08-22 17:00 - 2015-06-24 10:41 - 00000000 ____D C:\Users\Eva1\AppData\Roaming\.technic
2015-08-20 11:09 - 2015-07-20 16:58 - 00168720 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-08-20 11:09 - 2015-07-20 16:58 - 00117792 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-08-20 11:09 - 2015-07-20 16:58 - 00106944 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-08-19 22:51 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-16 21:57 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\rescache
2015-08-15 18:57 - 2015-06-14 11:16 - 00000000 ____D C:\Users\Eva1\Downloads\TF2
2015-08-14 22:48 - 2013-08-22 09:44 - 00337808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-14 22:46 - 2015-05-29 07:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-14 22:46 - 2015-05-29 07:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-14 22:46 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 22:46 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 22:46 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 22:46 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 22:25 - 2015-05-26 16:46 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 22:07 - 2015-05-26 16:46 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 22:05 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 22:05 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 12:50 - 2015-05-25 07:50 - 00185045 _____ C:\Windows\DirectX.log
2015-08-10 12:50 - 2015-05-24 22:56 - 00000000 ____D C:\Users\Eva1\Documents\my games
2015-08-08 08:55 - 2015-05-29 07:45 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 08:55 - 2015-05-29 07:45 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 15:51 - 2015-05-23 23:39 - 00001364 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2015-08-06 12:48 - 2014-09-24 10:52 - 00000000 ____D C:\Windows\Panther
2015-08-06 12:37 - 2015-07-10 08:39 - 00000000 ___HD C:\$Windows.~BT
 
==================== Files in the root of some directories =======
 
2015-08-26 13:45 - 2015-09-02 04:28 - 0000164 _____ () C:\Users\Eva1\AppData\Roaming\sp_data.sys
2015-08-27 09:16 - 2015-08-27 09:16 - 0000872 _____ () C:\Users\Eva1\AppData\Local\recently-used.xbel
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2015-05-25 12:20] - [2015-07-20 16:48] - 0657920 ____A (Microsoft Corporation) 8144B6136A83BDC5D70FAA2A6D726049
 
C:\Windows\SysWOW64\dnsapi.dll
[2015-05-25 12:20] - [2015-07-20 16:48] - 0498688 ____A (Microsoft Corporation) A2B1D4C7F59AE928B042A098BAFF8914
 
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-09-02 05:19
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Eva1 (2015-09-02 07:59:21)
Running from C:\Users\Eva1\Desktop\Malware protection
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-183226619-428685392-4017880705-500 - Administrator - Disabled)
Eva1 (S-1-5-21-183226619-428685392-4017880705-1001 - Administrator - Enabled) => C:\Users\Eva1
Guest (S-1-5-21-183226619-428685392-4017880705-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-183226619-428685392-4017880705-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 (HKLM\...\UDK-4c59dd62-c9f7-4aae-bb8c-e2a515e163c3) (Version:  - RuneStorm
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.5 - ASUS)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS)
ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Cthulhu Saves the World  (HKLM-x32\...\Steam App 107310) (Version:  - Zeboyd Games)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
Deathmatch Classic (HKLM-x32\...\Steam App 40) (Version:  - Valve)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ELAN Touchpad 11.5.15.5_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.15.5 - ELAN Microelectronic Corp.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Façade (HKLM-x32\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Fortress Forever (HKLM-x32\...\Steam App 253530) (Version:  - Fortress Forever Development Team)
Foul Play (HKLM-x32\...\Steam App 244810) (Version:  - Mediatonic)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Gone Home (HKLM-x32\...\Steam App 232430) (Version:  - The Fullbright Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Grimm (HKLM-x32\...\Steam App 252150) (Version:  - Spicyhorse Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version:  - Valve)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{915DDCDE-7767-4B4A-9256-8729B265BDAC}) (Version: 17.1.1440.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version:  - Necrophone Games)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Maxx Audio Installer (x64) (Version: 1.6.4882.94 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.56.1 - Black Tree Gaming)
NVIDIA 3D Vision Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 345.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 345.05 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version:  - Prism Studios)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7427 - Realtek Semiconductor Corp.)
Resource Hacker Version 4.2.4 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version:  - Lab Zero Games)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
Spotify (HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version:  - Valve)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Jackbox Party Pack (HKLM-x32\...\Steam App 331670) (Version:  - Jackbox Games, Inc.)
The Knobbly Crook: Chapter I - The Horse You Sailed In On (HKLM-x32\...\Steam App 378300) (Version:  - Gnarled Scar Manipulations)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version:  - Outerlight)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.10.57.1020 - Electronic Arts Inc.)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - Mike Bithell)
Thunderbolt™ Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel® Corporation)
Toribash (HKLM-x32\...\Steam App 248570) (Version:  - Nabi Studios)
Town of Salem (HKLM-x32\...\Steam App 334230) (Version:  - BlankMediaGames)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Unreal Development Kit: 2012-07 (HKLM\...\UDK-de77dda8-8f7a-45c5-8899-bf7607f17042) (Version:  - Epic Games, Inc.)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version:  - RuneStorm)
Viscera Cleanup Detail: alpha v0.25
Viscera Cleanup Detail: Shadow Warrior (HKLM-x32\...\Steam App 255520) (Version:  - RuneStorm)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.2.21 - Webroot)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
19-08-2015 22:46:28 Windows Update
26-08-2015 09:14:40 JRT Pre-Junkware Removal
30-08-2015 10:32:20 Revo Uninstaller's restore point - Foxit PhantomPDF
30-08-2015 10:33:19 Removed Foxit PhantomPDF
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {14139AE9-351E-471B-BBF9-73EF1FAEEC19} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {17B69656-4C0B-470C-B286-47186C56C3C3} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {1F9270BE-06C3-457B-AFF1-E633D2F7AC63} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {28720781-AEAC-4C9C-996D-FD47FE06E261} - System32\Tasks\{3555BA93-CEB4-49EA-90E0-314534497BAC} => Chrome.exe http://ui.skype.com/ui/0/7.6.85.105/en/abandoninstall?page=tsProgressBar
Task: {2FBB3E3C-5EB2-4E12-A875-C0F824EBEBF5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-23] (Google Inc.)
Task: {389B817C-34EF-478E-953D-F5809956F984} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {48D47CD5-DE07-4079-AC54-BC79BF0E39A1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {4B7E3114-9B81-411B-A414-B814D3C6E14F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {53B64512-A8C7-40BE-9A4D-05F6182AAD94} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-04] (Realtek Semiconductor)
Task: {556CACD7-3294-4C4F-8164-B1F856CA33BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-23] (Google Inc.)
Task: {557DBB25-37D4-4018-A506-747D37A9E72B} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {610391EB-A0AB-445C-9B5F-8AE556CB1A21} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {69155D95-B408-475E-9E83-267CE96CDB69} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {8EF6E551-3F85-4711-920F-81BC8E63ADD4} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {9811A538-389B-42B7-BE05-8FF1AC0F39DC} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {9910395D-BED6-4BEF-AA02-08EBDC69EE38} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {A4C19B2D-3844-44CF-802D-F410BB58B3F1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-13] (Realtek Semiconductor)
Task: {A631AE03-2BD5-4503-9CB4-DAE69280F96C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {AD661C8E-5533-4916-99D6-9B761E6FAF9F} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe [2014-10-03] (ASUSTek Computer Inc.)
Task: {E02D37DF-DF75-4CF2-B3F2-D8165F5C0673} - System32\Tasks\{AC656D60-2AAC-46C9-A9AD-999BC2AF4C84} => Chrome.exe http://ui.skype.com/ui/0/7.6.85.105/en/abandoninstall?page=tsProgressBar
Task: {EA553E67-2CB0-4AC9-8814-149204C34124} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {EEE2774E-B1BD-44A3-B64E-58959E0E8867} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-02-03 03:28 - 2014-12-24 05:38 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-03 03:49 - 2013-05-15 17:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2014-11-05 15:44 - 2014-11-05 15:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-05 15:44 - 2014-11-05 15:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-08-15 11:39 - 2015-07-03 11:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-15 11:39 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-15 11:39 - 2015-08-19 15:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-15 11:39 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-15 11:39 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-23 15:13 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-15 11:39 - 2015-08-19 15:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 17:22 - 2015-07-26 20:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-05-23 15:13 - 2015-07-03 11:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-03 03:34 - 2013-10-23 16:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-09-01 18:45 - 2015-08-27 19:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-01 18:45 - 2015-08-27 19:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-01 18:46 - 2015-08-27 19:17 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Eva1\OneDrive:ms-properties
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-183226619-428685392-4017880705-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eva1\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "Install Webroot IE RunOnce.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Install Webroot FF RunOnce.lnk"
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-183226619-428685392-4017880705-1001\...\StartupApproved\Run: => "Spotify"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CDEF66B8-5ED7-4CA9-A001-4728EB4B600B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B9C41747-BEC3-4F44-B0DC-A7B21A476E10}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C4580C28-6C02-4D27-AD69-2DDF5402A056}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6720FD60-6AEE-4597-8B5C-6178B4D3396D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F61A0843-E8EC-4C3D-A043-C41AA1497A86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D198CA00-DAE6-4E7B-892C-8683B664CBBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9506CF7B-D47F-48D9-BFFB-21E40F43B1B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7F12DAAC-5B17-4FF9-BABD-0D93CEDA382D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E1D967AD-75C6-4C66-9C03-BF42AB770D5E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{58996C60-35C3-4F75-B027-685ADEEB2371}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E96ED93F-35DD-4698-B987-E40DED1B2E6A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{ACCCCCED-BA87-40D1-ACBF-C14826C78563}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{A3C92D21-0136-4F80-8C47-07A186485AEF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AAA253D9-35C8-41E0-BAF5-5E98F0C37F95}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{55B342C8-CD9D-4507-999B-20D3267EAFF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AF794D4F-62B9-4142-87FC-19CA1EBF01EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{BA74F3D7-D7E1-460E-8740-8E91F7CFB7C9}C:\users\eva1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eva1\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{402C01E3-64FE-4DC1-8444-7A8250E04CCC}C:\users\eva1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eva1\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FC123161-69CE-4B94-9789-97193F707210}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{78FF433B-B3BB-4DC9-ADBD-EE5D349BC56C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe
FirewallRules: [{6F72A4E5-3400-4E8C-941D-912B4C9CE988}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{E6BEC7B6-BA40-4ECA-91D5-B04C9DB052B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{80B7D001-E0B8-4253-ABBF-4653C6A95245}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{942FB832-E89B-404E-92BB-8818420ED2B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Town of Salem\TownOfSalem.exe
FirewallRules: [{044877D0-2174-445E-A3EB-73FBE631A89C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{C5D7C70A-72B7-44BE-9F4D-7F5539BE30D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{9A84FB84-4C32-47FB-8784-A32F68F0AA06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{58B82535-8F49-4808-A46D-630EE71F0B4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E428C3F6-B180-4255-A7DA-4A2643F012E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C36EC88F-30A4-43A8-AC5B-B5A5D851B1EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{CB99C743-7916-4BE0-A0D4-9E6DA7946B77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{6965E5D6-3AB3-47FE-9108-3C32C7EE83F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{27C81F8B-D179-4AF6-BCD4-C59FC51DE0F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{3D3306EF-A8B5-452A-B4BA-A2923B32377E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{66432A23-622A-40F5-B25A-F51D60D8967C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{32B57D23-D05C-43AF-B92B-218FBC702E46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\TERA-Launcher.exe
FirewallRules: [{7DAEDAE0-C48C-4327-BFD7-892A3602CEE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{ABF9BE92-0F22-4917-A59F-28DBA82BCBBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{514FF2B3-0D20-4C35-925C-5458B79052BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grimm\GrimmLauncher.exe
FirewallRules: [{3A4A4264-1929-4621-A42B-BAC140E14B7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grimm\GrimmLauncher.exe
FirewallRules: [{95AEABE9-81DA-4B90-B06B-9CEE2B020248}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{CB076EC7-9387-4F41-9E26-FB30E9501119}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{5454BC53-328C-498F-90A3-D63BDD1EA086}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E7833D5B-44D1-4AE3-A35B-E5B57A3C2FE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{20CDEEEE-50CF-45C8-878C-6FB9266A2C5A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{27929CD6-671A-4126-9590-163388365996}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35C99BE5-9324-4DDA-95EA-C4CE84F12739}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{625CAE75-E6DE-453B-B6B2-7D24C3AF64CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gone Home\GoneHome.exe
FirewallRules: [{781F2DA9-E8B3-4EEF-BE4D-65361139AD1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gone Home\GoneHome.exe
FirewallRules: [{7C434477-9DE9-4E51-B666-BC2F188DFE23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{ACD4681F-6418-4631-9469-177E387A22EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{D117E698-EE93-4FB6-B09F-64052BF90C03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{A8DDF19E-A879-4E1B-AF18-670A60175978}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{5F568822-7AC9-4394-BC61-06CD4027F04D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{26B05C2F-B14A-49F3-B985-1EBA46E9B744}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{2F4327C2-C5AC-4CA4-9FCB-E4E800549DEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{AF33DE01-9B3F-43D9-A163-159A25C24C99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{F62B0F00-8AA4-4E4A-A687-9E0329DE9DD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{E14C9216-64E5-4A16-A7AB-821AF3FECF59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{169C349F-10BC-4E1D-87CB-5D6215906279}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\TJPP.exe
FirewallRules: [{86240759-6D79-4A4A-B15B-E89BF551329D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Jackbox Party Pack\TJPP.exe
FirewallRules: [{4208F0DD-34AF-4B47-B8BE-3197FE2BCFBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{CFD0D373-C1C3-4BE7-96B1-573E9A2DAD6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{A7F1F8D5-9985-4AEC-8FAB-756315865233}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{E6F937F8-9F76-4137-BC8B-E16C8255770C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{B45CF712-3F53-4CDB-B126-FE85FEA6E43E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{A8CB9243-BA0A-4D6B-843F-D247E3417EF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{3A2BE772-DD4C-4E7A-8DD4-D1192F04B10A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{9E0FDBCB-5F17-4B92-BB6D-7F0670B051DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{44098A9F-7684-4A24-A7EC-3B6383BBBB96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{4F045CD5-9F9B-444B-BF52-1732E81C9A56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{39C8F04D-BE88-4A8C-9C64-8189CE5C22BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C4516824-D807-4875-9E01-10D65E976D7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{66731978-F24C-4208-8276-DAA1F99E6915}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{18691012-3B79-4752-9D5C-7D7936C1A25B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{51E68E7C-1FA5-40FE-82D5-793FF23EBB08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{55758C83-43F0-4B83-9BC9-3DE954BF5B90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{05A81919-239A-4AA6-B0DB-1A2B1F6C60E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{525D1F74-E298-4540-91B1-AF2ECE4C8C5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D8A5A47E-7F14-43F7-B44F-3CD46457C9F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{B91A3FBE-7F12-4358-B805-EAB927963C77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{769526C1-0A3C-4DBB-9D28-E6A268EE4F25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Toribash\toribash.exe
FirewallRules: [{18E96472-0985-4C84-A454-DEB13F704BE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Toribash\toribash.exe
FirewallRules: [{737FDE88-C24A-4824-B709-AFE4B02BEEC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{321A4D6E-F60D-4236-809E-AE89375834D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{9EAF0EBF-F00D-463D-98E2-27D0FB7995E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{3B045D75-16CF-4741-BB3B-20E825E78DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Stories Mel\portal2.exe
FirewallRules: [TCP Query User{5C8BD2DC-4958-4C79-AE76-1500EAEB273B}C:\users\eva1\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\eva1\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FFA6EE5C-DBDB-4A98-8339-2F67226E7C25}C:\users\eva1\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\eva1\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F6961718-4699-4E57-98CD-A2026D647844}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 1 Source Deathmatch\hl2.exe
FirewallRules: [{10972C3B-34A7-4386-BDE4-07A2BA54F12A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 1 Source Deathmatch\hl2.exe
FirewallRules: [{C2994B5C-02F9-48A5-A57D-718BEC141071}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{9AC460B5-D220-4918-8C58-2BD18E1D7809}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{BB9F1637-A975-448C-807B-2F448F6F30C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{9862276B-CCA5-4713-A48B-466F43EEDACC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [TCP Query User{D029FB3E-B007-4313-8774-46C6F124B123}C:\users\eva1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eva1\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3620364D-3A9A-4E92-B72E-38A5FD0ED67A}C:\users\eva1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eva1\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2C763634-45B0-46DB-809E-ED00E72BD404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{FE6EC5B5-CCE7-4DD8-BDB6-075347B256DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{5E8A8FD2-62AE-4F9E-9346-7DDF5EE35196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{B07D4E9C-ACFB-446D-BD4C-5EC9EBE2DE09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{56F5F78C-1FA4-4B10-9177-4C71B1384DB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{694744E3-0ECF-4AE9-B8C2-B4566AB9F9A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{F6F71A9C-32EF-4A21-8878-E07C959851E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{13847760-7424-4C21-A82E-E40F868A657D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3\FalloutLauncher.exe
FirewallRules: [{9C5A328F-C2F3-4700-BE82-87DB1BAB64AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{82384828-B2E0-4864-A4C1-8737DF2423A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{AFDAFC45-0D4D-4AD1-8160-2475F46B4B78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{5993F550-CF00-4E5B-8193-3D2D60332293}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{ED9D6A50-8CD7-44F9-A2BB-E6BE365BAC70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{5ADECC38-7EC5-4E2C-8997-F76B8FCB25F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{1A8CDF88-C7A2-4EAA-A8F8-AB0CBAF7F3BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{8FD6F98B-1CE5-42C2-9009-0449E1CBE04E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{3B773C0F-FD16-48B2-82B8-CE5F02E64D98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{F9905EE5-9D35-4B5E-BFF4-696BD94EAA76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{4C5B5E8A-2EA8-4773-9E7D-9F264DC11C5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Knobbly Crook Chapter I\Knobbly Crook.exe
FirewallRules: [{1D2AEA91-FA00-4240-B02E-9B02499688CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Knobbly Crook Chapter I\Knobbly Crook.exe
FirewallRules: [{76561660-38BC-450A-AF84-80425542C38F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{BD5912BA-7A72-4A71-B305-8D5CE8B3914B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{813AE7ED-AA9F-4087-85F9-8077AE3F002E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{339A33A2-4648-4057-B573-E22F338F2B98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{F7A93F7E-D45A-4556-8DCF-2C488346121F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{D2B5A3CB-E0CE-4F22-AB54-632225E6797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{AE5F84B7-6EFA-49CB-91C0-BA5EC2FBA0FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cthulhu Saves the World\CSTW.exe
FirewallRules: [{4022003B-3C1D-4EB0-B1EB-021899694A31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cthulhu Saves the World\CSTW.exe
FirewallRules: [{3BCF359A-BFFC-4FC6-AB36-EE97B52B382A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{23C48E2E-F8E5-4426-A51B-A92B315F7A8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{B0F55738-C0A4-4FB5-A015-B22EAA56CD33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{DF5CF05D-E405-4E6E-9650-02FBC1E9FBDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{FCD36B39-1096-4474-8F7B-01EE77D91195}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{F431A6A1-A972-4BC5-A3E4-D6653423F26C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{28F49838-FFDC-455E-A454-C728C4C42756}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{3D840790-77E7-464F-A6AA-9AFB60470C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{781C5A13-5BE5-4134-A39A-9C3889CAB921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{E70D4B2F-DF4C-4A1F-BDD1-D6B70E3EF992}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{50F74597-77C8-4F0F-8D7E-76D0E03AB9A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{3A3C443E-F421-4191-BCC9-C2CC03060A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{6AFA98D9-3234-4191-A8E1-15281AE56246}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{4668C56E-7CD9-477D-BD17-A7A979B504D4}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{16DD7307-E643-41A4-B709-12ECA5EA7235}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{6FD2594F-9D8A-4B8C-822B-A729A6237391}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{BA7E428E-A142-439E-89BC-3EC5ADA037BD}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{15F7E1F4-EC30-49FF-9E15-541C26412886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{94D0D2CC-7BE2-4A2C-94EC-A95B648318C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{F53C491E-A169-47E6-8AA6-76BEA81E196C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{E721A3B4-69F3-4857-9E29-2840B96CCB36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{707D2985-BF74-431D-AF75-17E65B667FE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{D0552C38-E746-49E7-A8FC-16ED93691D2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{4441EF44-89F7-4D30-9BCD-1ECFF29CAA40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{7BC86F89-8873-423D-BC70-ECD25F8062F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{F9B3DF51-2D06-4A7D-8C00-C9E1D63BE600}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AVA\NWZLauncher.exe
FirewallRules: [{EBAA1674-97DD-4F79-9644-8CFC42A8AEED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AVA\NWZLauncher.exe
FirewallRules: [{22C66F34-2321-4735-B6FA-8A0BA7AD00F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{17250F3A-655B-4BE2-BCF8-8DD3C0508882}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{BFDD3F68-CCEF-4CA5-A68C-3BD6B37CFF99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{4380E5EC-03D0-40B9-B29C-AB91BA0713D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{AE99BB6C-32CA-4F3E-B476-0773DAF45CD5}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{DAC1C173-9F16-4CBE-8A49-5E45B4BC0FDB}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{58D73118-92FB-4CE9-A63C-5709081FA73D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1F1E8118-A04E-4306-A3D9-9C6811205A99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{1B2E9B6D-6986-49EC-92F2-28F3B145FA10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3B310265-690E-4951-B7BD-BBEDA5BA7CFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{FA97F89E-5ACD-4753-ACDB-46779533A114}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{384CBDCD-4A6C-4FB7-8A9C-4A072791A864}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{06DBBCDC-FB60-4542-8B37-CEFB0C70AD8A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{9A02A102-039F-4E6F-8FBF-86893342B061}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{640A0816-B532-44BA-BA25-3909A4262A6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F93E3735-F788-4D81-8314-479B305C8BC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0D1EA6BF-1778-4AC6-8D37-12593883E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foul Play\foul_play.exe
FirewallRules: [{2467D6BF-F2D2-4A94-96A0-BDD484BE8435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Foul Play\foul_play.exe
FirewallRules: [{0C2DF745-47AD-49A3-B8EE-1CAD1BC506A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{19641E65-6B94-4C1D-B94F-7AF0CCBEDF60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{9599A07A-B988-4352-98B5-016F89E68015}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fortress Forever\hl2.exe
FirewallRules: [{B30F5A5E-6F9B-4633-9C7D-60FC5E88013F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fortress Forever\hl2.exe
FirewallRules: [{FB29C4A4-CCB6-439C-9C6A-4C46B8C99857}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{9C61AE23-A28A-4D0E-8930-4EF81837B5FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{264D92E2-FC30-4EC9-954E-37E28B01DEE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{D5A71137-D02D-4580-AFCF-0FBAE2D3362C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{094E85E8-99B1-44EF-B14F-471D92E2AAEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Tutorial\ship.exe
FirewallRules: [{8A6F5CB7-E31A-4795-A531-643674037D7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Ship Tutorial\ship.exe
FirewallRules: [{818F0A98-A4BB-4915-AB88-B77B4A23B351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{AB67DC12-858B-4AED-B9FF-82BF6C3EE6F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe
FirewallRules: [{48C42461-3777-4208-A9BA-C79CF895EB1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{F6CC0819-8D9C-4C9E-9ECB-F043C30960D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe
FirewallRules: [{3B069340-8E34-4BBD-BE93-8ACB8591FA2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [{D9C4B3A9-F1D8-415F-83FF-9EE3398F6ABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe
FirewallRules: [TCP Query User{3E4B68D0-5BA4-4690-8DBB-B3C14F320DF3}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{DD795D2C-C175-4A33-8B87-CD05236EA2C6}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{727302B3-4F9A-4729-B19F-2A437EF2E6AC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3A55283D-2833-4002-B38C-B09B12204749}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{35278D64-F9D9-4B57-899A-445DDC784EC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/02/2015 07:09:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (09/02/2015 05:25:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (09/02/2015 02:14:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13766
 
Error: (09/02/2015 02:14:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13766
 
Error: (09/02/2015 02:14:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/01/2015 09:05:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (09/01/2015 09:05:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (09/01/2015 09:05:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (09/01/2015 09:05:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
 
Error: (09/01/2015 09:00:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Eva-2.local.
 
 
System errors:
=============
Error: (09/02/2015 04:43:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.
 
Error: (09/01/2015 09:06:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (09/01/2015 09:06:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Eva1\AppData\Local\Temp\ehdrv.sys
 
Error: (09/01/2015 09:06:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (09/01/2015 09:06:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Eva1\AppData\Local\Temp\ehdrv.sys
 
Error: (09/01/2015 09:06:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (09/01/2015 09:06:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Eva1\AppData\Local\Temp\ehdrv.sys
 
Error: (09/01/2015 08:58:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (09/01/2015 08:58:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (09/01/2015 08:58:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
 
Microsoft Office:
=========================
Error: (09/02/2015 07:09:53 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (09/02/2015 05:25:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestc:\users\eva1\downloads\esetsmartinstaller_enu.exe
 
Error: (09/02/2015 02:14:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13766
 
Error: (09/02/2015 02:14:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13766
 
Error: (09/02/2015 02:14:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/01/2015 09:05:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Eva1\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/01/2015 09:05:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Eva1\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/01/2015 09:05:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Eva1\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/01/2015 09:05:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Eva1\Downloads\esetsmartinstaller_enu.exe
 
Error: (09/01/2015 09:00:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 4.8.D.8.1.F.C.D.B.E.2.6.5.1.1.9.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Eva-2.local.
 
 
CodeIntegrity:
===================================
  Date: 2015-07-13 23:33:33.579
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-13 23:33:33.003
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4720HQ CPU @ 2.60GHz
Percentage of memory in use: 32%
Total physical RAM: 8141.18 MB
Available physical RAM: 5535.08 MB
Total Virtual: 9421.18 MB
Available Virtual: 6566.95 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:915.4 GB) (Free:419.75 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1AD69020)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
The pop-ups in chrome persist, and I can see when a page is loading that it is waiting for something from bestpriceninja.com


#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 PM

Posted 02 September 2015 - 08:33 AM

If needed, please backup bookmarks & Co.


Step 1

revouninstaller.pngRevo Uninstaller Free
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), to remove it:
    Google Chrome 
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish
Step 2

Reinstall Google Chrome. Download
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 toggleon

toggleon
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 02 September 2015 - 08:56 AM

I completed the above steps, but when I opened IE to redownload Chrome, I found the pop-ups there as well. 

 

Please let me know what to do next.

 

Thanks,

Bryan



#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 PM

Posted 02 September 2015 - 09:00 AM

I found the pop-ups there as well.


Please post a screenshot:

attachlogs.png
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#10 toggleon

toggleon
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 02 September 2015 - 01:14 PM

I am trying to gather the screen shots however the adware has rendered IE practically unusable -- I haven't even tried reinstalling chrome and am typing now from a different computer. Pages take very long to load, links don't work and when they do, they launch another add window. I believe there are seven open right now. And when I try to type in the reply box, I can't even get the cursor to appear. 

 

I will continue to try but please let me know if you can recommend any work around



#11 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 PM

Posted 02 September 2015 - 01:36 PM

Step 1

Please download TDSStdsskiller.pngiller and save it to your Desktop.
  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.
tdss.gif
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#12 toggleon

toggleon
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 02 September 2015 - 02:13 PM

Have reinstalled chrome which functions better than IE but still acts strange. No pop ups yet but I've had to reload this page 5 times to finally post

 

13:38:31.0209 0x2b38  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:38:31.0209 0x2b38  UEFI system
13:38:34.0472 0x2b38  ============================================================
13:38:34.0472 0x2b38  Current date / time: 2015/09/02 13:38:34.0472
13:38:34.0472 0x2b38  SystemInfo:
13:38:34.0473 0x2b38  
13:38:34.0473 0x2b38  OS Version: 6.3.9600 ServicePack: 0.0
13:38:34.0473 0x2b38  Product type: Workstation
13:38:34.0473 0x2b38  ComputerName: EVA
13:38:34.0473 0x2b38  UserName: Eva1
13:38:34.0473 0x2b38  Windows directory: C:\Windows
13:38:34.0473 0x2b38  System windows directory: C:\Windows
13:38:34.0473 0x2b38  Running under WOW64
13:38:34.0473 0x2b38  Processor architecture: Intel x64
13:38:34.0473 0x2b38  Number of processors: 8
13:38:34.0473 0x2b38  Page size: 0x1000
13:38:34.0473 0x2b38  Boot type: Normal boot
13:38:34.0473 0x2b38  ============================================================
13:38:35.0508 0x2b38  KLMD registered as C:\Windows\system32\drivers\06908714.sys
13:38:35.0781 0x2b38  System UUID: {AB2E1768-C0E0-3D4B-F702-9A54D99F422E}
13:38:36.0758 0x2b38  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:38:36.0764 0x2b38  ============================================================
13:38:36.0765 0x2b38  \Device\Harddisk0\DR0:
13:38:36.0765 0x2b38  GPT partitions:
13:38:36.0766 0x2b38  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4C8B2665-0A87-4245-BA5A-0565847E0AFB}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
13:38:36.0766 0x2b38  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1C68C62B-7C27-4C99-9048-2A4193883FFE}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
13:38:36.0766 0x2b38  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8107B4C5-FD6A-4B9E-BF46-5D1FD93098C2}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
13:38:36.0766 0x2b38  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EF062D87-3010-4C81-A527-C9825426BB9D}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x726CD000
13:38:36.0766 0x2b38  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {26A89883-7825-4131-832C-54C4B5F6AFB4}, Name: Basic data partition, StartLBA 0x72901800, BlocksNum 0x1E05000
13:38:36.0766 0x2b38  MBR partitions:
13:38:36.0766 0x2b38  ============================================================
13:38:36.0815 0x2b38  C: <-> \Device\Harddisk0\DR0\Partition4
13:38:36.0815 0x2b38  ============================================================
13:38:36.0815 0x2b38  Initialize success
13:38:36.0815 0x2b38  ============================================================
13:38:38.0790 0x15d4  ============================================================
13:38:38.0790 0x15d4  Scan started
13:38:38.0790 0x15d4  Mode: Manual; 
13:38:38.0790 0x15d4  ============================================================
13:38:38.0790 0x15d4  KSN ping started
13:38:41.0204 0x15d4  KSN ping finished: true
13:38:45.0951 0x15d4  ================ Scan system memory ========================
13:38:45.0951 0x15d4  System memory - ok
13:38:45.0952 0x15d4  ================ Scan services =============================
13:38:46.0134 0x15d4  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
13:38:46.0146 0x15d4  1394ohci - ok
13:38:46.0180 0x15d4  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
13:38:46.0186 0x15d4  3ware - ok
13:38:46.0272 0x15d4  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:38:46.0298 0x15d4  ACPI - ok
13:38:46.0323 0x15d4  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
13:38:46.0327 0x15d4  acpiex - ok
13:38:46.0353 0x15d4  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
13:38:46.0355 0x15d4  acpipagr - ok
13:38:46.0365 0x15d4  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
13:38:46.0367 0x15d4  AcpiPmi - ok
13:38:46.0376 0x15d4  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
13:38:46.0378 0x15d4  acpitime - ok
13:38:46.0439 0x15d4  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
13:38:46.0478 0x15d4  ADP80XX - ok
13:38:46.0545 0x15d4  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:38:46.0556 0x15d4  AeLookupSvc - ok
13:38:46.0607 0x15d4  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
13:38:46.0635 0x15d4  AFD - ok
13:38:46.0730 0x15d4  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
13:38:46.0785 0x15d4  AgereSoftModem - ok
13:38:46.0810 0x15d4  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:38:46.0814 0x15d4  agp440 - ok
13:38:46.0862 0x15d4  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
13:38:46.0867 0x15d4  ahcache - ok
13:38:46.0906 0x15d4  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
13:38:46.0907 0x15d4  AiCharger - ok
13:38:46.0953 0x15d4  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
13:38:46.0958 0x15d4  ALG - ok
13:38:46.0985 0x15d4  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
13:38:46.0990 0x15d4  AmdK8 - ok
13:38:47.0010 0x15d4  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
13:38:47.0015 0x15d4  AmdPPM - ok
13:38:47.0039 0x15d4  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:38:47.0044 0x15d4  amdsata - ok
13:38:47.0066 0x15d4  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:38:47.0079 0x15d4  amdsbs - ok
13:38:47.0097 0x15d4  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:38:47.0099 0x15d4  amdxata - ok
13:38:47.0159 0x15d4  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
13:38:47.0163 0x15d4  AppID - ok
13:38:47.0220 0x15d4  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:38:47.0224 0x15d4  AppIDSvc - ok
13:38:47.0276 0x15d4  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
13:38:47.0283 0x15d4  Appinfo - ok
13:38:47.0384 0x15d4  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:38:47.0388 0x15d4  Apple Mobile Device Service - ok
13:38:47.0458 0x15d4  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
13:38:47.0486 0x15d4  AppReadiness - ok
13:38:47.0614 0x15d4  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
13:38:47.0680 0x15d4  AppXSvc - ok
13:38:47.0722 0x15d4  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:38:47.0728 0x15d4  arcsas - ok
13:38:47.0820 0x15d4  [ 564CB886D1A968B9798C1AB03F4EB54F, F7F73E5C17C0848462860E367215F5D9D4C52E1AA26B3154EC60BA14CBD56556 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
13:38:47.0826 0x15d4  ASLDRService - ok
13:38:47.0859 0x15d4  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:38:47.0861 0x15d4  ASMMAP64 - ok
13:38:47.0901 0x15d4  [ DB5610839DBEBE48AA963DFA96FD7103, AADB0D5BFE8C28E31266FA48FEE41B82DC8B5D6F3E12238AD3E06C800F2D72A8 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
13:38:47.0905 0x15d4  Asus WebStorage Windows Service - ok
13:38:47.0969 0x15d4  [ 36D09B8F7ABFA3C6BE5A9101F8B6A6E5, 0A5C36D146D73707DCDA263EF96063C63E5B32591EC0C9D781422F729E554D3A ] ASUSGiftBoxDekstop C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
13:38:47.0985 0x15d4  ASUSGiftBoxDekstop - ok
13:38:48.0009 0x15d4  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:38:48.0011 0x15d4  atapi - ok
13:38:48.0038 0x15d4  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:38:48.0043 0x15d4  ATKGFNEXSrv - ok
13:38:48.0066 0x15d4  [ C435191FAD19B43E5C3082E4275DCE75, 12D8AF471CA89FE59790092EF3274D638B4B978F1F061423F8D70F270121CF7A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:38:48.0068 0x15d4  ATKWMIACPIIO - ok
13:38:48.0132 0x15d4  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
13:38:48.0145 0x15d4  AudioEndpointBuilder - ok
13:38:48.0220 0x15d4  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:38:48.0266 0x15d4  Audiosrv - ok
13:38:48.0319 0x15d4  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:38:48.0325 0x15d4  AxInstSV - ok
13:38:48.0386 0x15d4  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:38:48.0412 0x15d4  b06bdrv - ok
13:38:48.0429 0x15d4  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
13:38:48.0432 0x15d4  BasicDisplay - ok
13:38:48.0444 0x15d4  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
13:38:48.0446 0x15d4  BasicRender - ok
13:38:48.0467 0x15d4  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
13:38:48.0468 0x15d4  bcmfn2 - ok
13:38:48.0533 0x15d4  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
13:38:48.0551 0x15d4  BDESVC - ok
13:38:48.0572 0x15d4  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
13:38:48.0573 0x15d4  Beep - ok
13:38:48.0666 0x15d4  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\Windows\System32\bfe.dll
13:38:48.0708 0x15d4  BFE - ok
13:38:48.0812 0x15d4  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
13:38:48.0861 0x15d4  BITS - ok
13:38:48.0947 0x15d4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:38:48.0970 0x15d4  Bonjour Service - ok
13:38:49.0006 0x15d4  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:38:49.0011 0x15d4  bowser - ok
13:38:49.0075 0x15d4  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
13:38:49.0089 0x15d4  BrokerInfrastructure - ok
13:38:49.0140 0x15d4  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
13:38:49.0148 0x15d4  Browser - ok
13:38:49.0170 0x15d4  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
13:38:49.0173 0x15d4  BthAvrcpTg - ok
13:38:49.0222 0x15d4  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
13:38:49.0225 0x15d4  BthEnum - ok
13:38:49.0271 0x15d4  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
13:38:49.0274 0x15d4  BthHFEnum - ok
13:38:49.0311 0x15d4  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
13:38:49.0313 0x15d4  bthhfhid - ok
13:38:49.0374 0x15d4  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
13:38:49.0391 0x15d4  BthHFSrv - ok
13:38:49.0446 0x15d4  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
13:38:49.0458 0x15d4  BthLEEnum - ok
13:38:49.0483 0x15d4  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
13:38:49.0487 0x15d4  BTHMODEM - ok
13:38:49.0518 0x15d4  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:38:49.0525 0x15d4  BthPan - ok
13:38:49.0661 0x15d4  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
13:38:49.0720 0x15d4  BTHPORT - ok
13:38:49.0776 0x15d4  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
13:38:49.0781 0x15d4  bthserv - ok
13:38:49.0827 0x15d4  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
13:38:49.0832 0x15d4  BTHUSB - ok
13:38:49.0873 0x15d4  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:38:49.0878 0x15d4  cdfs - ok
13:38:49.0912 0x15d4  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
13:38:49.0921 0x15d4  cdrom - ok
13:38:49.0976 0x15d4  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:38:49.0985 0x15d4  CertPropSvc - ok
13:38:50.0008 0x15d4  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
13:38:50.0011 0x15d4  circlass - ok
13:38:50.0080 0x15d4  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
13:38:50.0099 0x15d4  CLFS - ok
13:38:50.0144 0x15d4  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
13:38:50.0146 0x15d4  CmBatt - ok
13:38:50.0206 0x15d4  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:38:50.0234 0x15d4  CNG - ok
13:38:50.0250 0x15d4  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
13:38:50.0252 0x15d4  CompositeBus - ok
13:38:50.0262 0x15d4  COMSysApp - ok
13:38:50.0291 0x15d4  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
13:38:50.0294 0x15d4  condrv - ok
13:38:50.0357 0x15d4  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:38:50.0364 0x15d4  CryptSvc - ok
13:38:50.0389 0x15d4  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
13:38:50.0392 0x15d4  dam - ok
13:38:50.0496 0x15d4  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:38:50.0539 0x15d4  DcomLaunch - ok
13:38:50.0613 0x15d4  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
13:38:50.0641 0x15d4  defragsvc - ok
13:38:50.0717 0x15d4  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
13:38:50.0738 0x15d4  DeviceAssociationService - ok
13:38:50.0796 0x15d4  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
13:38:50.0806 0x15d4  DeviceInstall - ok
13:38:50.0828 0x15d4  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
13:38:50.0835 0x15d4  Dfsc - ok
13:38:50.0907 0x15d4  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:38:50.0926 0x15d4  Dhcp - ok
13:38:51.0054 0x15d4  [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack       C:\Windows\system32\diagtrack.dll
13:38:51.0125 0x15d4  DiagTrack - ok
13:38:51.0159 0x15d4  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
13:38:51.0164 0x15d4  disk - ok
13:38:51.0186 0x15d4  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
13:38:51.0188 0x15d4  dmvsc - ok
13:38:51.0245 0x15d4  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:38:51.0259 0x15d4  Dnscache - ok
13:38:51.0310 0x15d4  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:38:51.0324 0x15d4  dot3svc - ok
13:38:51.0390 0x15d4  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
13:38:51.0401 0x15d4  DPS - ok
13:38:51.0439 0x15d4  [ F07F814FF63E42C2FB1EE9344012A435, A58292306C4F9867D04767180A7D019B42AC29C7C91A24B15386267C2DC14100 ] DriverMFTService C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe
13:38:51.0440 0x15d4  DriverMFTService - ok
13:38:51.0488 0x15d4  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:38:51.0490 0x15d4  drmkaud - ok
13:38:51.0541 0x15d4  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
13:38:51.0553 0x15d4  DsmSvc - ok
13:38:51.0690 0x15d4  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:38:51.0766 0x15d4  DXGKrnl - ok
13:38:51.0833 0x15d4  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
13:38:51.0855 0x15d4  e1iexpress - ok
13:38:51.0905 0x15d4  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
13:38:51.0912 0x15d4  Eaphost - ok
13:38:52.0149 0x15d4  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:38:52.0312 0x15d4  ebdrv - ok
13:38:52.0371 0x15d4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
13:38:52.0376 0x15d4  EFS - ok
13:38:52.0403 0x15d4  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
13:38:52.0408 0x15d4  EhStorClass - ok
13:38:52.0440 0x15d4  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
13:38:52.0447 0x15d4  EhStorTcgDrv - ok
13:38:52.0484 0x15d4  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
13:38:52.0486 0x15d4  ErrDev - ok
13:38:52.0536 0x15d4  [ 7192128B9FDD9F16B8E8CD745509B2C5, FFD31D00E29F5764504F2C35516454B0D212F10FABDD92F5231F7C19D9A9A1F3 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
13:38:52.0556 0x15d4  ETD - ok
13:38:52.0601 0x15d4  [ 936D7C30A2B4469C25F511E49DAB926D, 07954ACCE9EC9863D8EB57326545A961E8719D4939D29ECD0694FDF8B73FC325 ] ETDService      C:\Program Files\Elantech\ETDService.exe
13:38:52.0606 0x15d4  ETDService - ok
13:38:52.0701 0x15d4  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
13:38:52.0728 0x15d4  EventSystem - ok
13:38:52.0825 0x15d4  [ 323740D842252032D57B5DED757C65D5, 617875CA136E0CDA7C4856C4D0C2B233EE09078E5B46C515CA2476CCCE44AF00 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:38:52.0856 0x15d4  EvtEng - ok
13:38:52.0890 0x15d4  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:38:52.0901 0x15d4  exfat - ok
13:38:52.0933 0x15d4  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:38:52.0944 0x15d4  fastfat - ok
13:38:53.0026 0x15d4  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
13:38:53.0060 0x15d4  Fax - ok
13:38:53.0084 0x15d4  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
13:38:53.0086 0x15d4  fdc - ok
13:38:53.0133 0x15d4  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:38:53.0136 0x15d4  fdPHost - ok
13:38:53.0180 0x15d4  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:38:53.0184 0x15d4  FDResPub - ok
13:38:53.0241 0x15d4  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
13:38:53.0249 0x15d4  fhsvc - ok
13:38:53.0272 0x15d4  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:38:53.0277 0x15d4  FileInfo - ok
13:38:53.0301 0x15d4  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:38:53.0303 0x15d4  Filetrace - ok
13:38:53.0329 0x15d4  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
13:38:53.0331 0x15d4  flpydisk - ok
13:38:53.0394 0x15d4  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:38:53.0412 0x15d4  FltMgr - ok
13:38:53.0541 0x15d4  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\Windows\system32\FntCache.dll
13:38:53.0610 0x15d4  FontCache - ok
13:38:53.0699 0x15d4  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:38:53.0702 0x15d4  FontCache3.0.0.0 - ok
13:38:53.0753 0x15d4  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:38:53.0756 0x15d4  FsDepends - ok
13:38:53.0797 0x15d4  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:38:53.0799 0x15d4  Fs_Rec - ok
13:38:53.0851 0x15d4  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:38:53.0881 0x15d4  fvevol - ok
13:38:53.0899 0x15d4  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
13:38:53.0901 0x15d4  FxPPM - ok
13:38:53.0927 0x15d4  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:38:53.0931 0x15d4  gagp30kx - ok
13:38:53.0990 0x15d4  [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
13:38:54.0002 0x15d4  GamesAppIntegrationService - ok
13:38:54.0029 0x15d4  [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
13:38:54.0039 0x15d4  GamesAppService - ok
13:38:54.0086 0x15d4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:38:54.0088 0x15d4  GEARAspiWDM - ok
13:38:54.0112 0x15d4  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
13:38:54.0113 0x15d4  gencounter - ok
13:38:54.0218 0x15d4  [ E8B0D36DC2C5B9F06A10D23F24238C72, B84F0789CB5ADEA5062B8F1E45B33A8ABF890EDE4423AB8A39FC3E1C25EFC5EB ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
13:38:54.0274 0x15d4  GfExperienceService - ok
13:38:54.0310 0x15d4  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
13:38:54.0318 0x15d4  GPIOClx0101 - ok
13:38:54.0442 0x15d4  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:38:54.0511 0x15d4  gpsvc - ok
13:38:54.0624 0x15d4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:38:54.0631 0x15d4  gupdate - ok
13:38:54.0666 0x15d4  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:38:54.0673 0x15d4  gupdatem - ok
13:38:54.0728 0x15d4  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:38:54.0748 0x15d4  HdAudAddService - ok
13:38:54.0776 0x15d4  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
13:38:54.0781 0x15d4  HDAudBus - ok
13:38:54.0801 0x15d4  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
13:38:54.0804 0x15d4  HidBatt - ok
13:38:54.0893 0x15d4  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
13:38:54.0898 0x15d4  HidBth - ok
13:38:54.0924 0x15d4  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
13:38:54.0928 0x15d4  hidi2c - ok
13:38:54.0953 0x15d4  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
13:38:54.0956 0x15d4  HidIr - ok
13:38:55.0007 0x15d4  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
13:38:55.0011 0x15d4  hidserv - ok
13:38:55.0044 0x15d4  [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
13:38:55.0046 0x15d4  HIDSwitch - ok
13:38:55.0066 0x15d4  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
13:38:55.0069 0x15d4  HidUsb - ok
13:38:55.0117 0x15d4  [ 9918B9C21E2033DD1F1872D3D06B418D, 07C5E4236DE258920DB9F742E750C0B5D85479BD01A6DCF049ADA1F092E07B06 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
13:38:55.0120 0x15d4  hitmanpro37 - ok
13:38:55.0168 0x15d4  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:38:55.0175 0x15d4  hkmsvc - ok
13:38:55.0233 0x15d4  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:38:55.0249 0x15d4  HomeGroupListener - ok
13:38:55.0320 0x15d4  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:38:55.0345 0x15d4  HomeGroupProvider - ok
13:38:55.0368 0x15d4  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:38:55.0372 0x15d4  HpSAMD - ok
13:38:55.0474 0x15d4  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:38:55.0523 0x15d4  HTTP - ok
13:38:55.0562 0x15d4  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:38:55.0564 0x15d4  hwpolicy - ok
13:38:55.0588 0x15d4  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
13:38:55.0589 0x15d4  hyperkbd - ok
13:38:55.0608 0x15d4  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
13:38:55.0610 0x15d4  HyperVideo - ok
13:38:55.0663 0x15d4  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
13:38:55.0669 0x15d4  i8042prt - ok
13:38:55.0682 0x15d4  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
13:38:55.0684 0x15d4  iaLPSSi_GPIO - ok
13:38:55.0709 0x15d4  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
13:38:55.0715 0x15d4  iaLPSSi_I2C - ok
13:38:55.0782 0x15d4  [ D87E782C0EAF4B3A376DE82236EC0FE9, 24B8D4864F9064C41E85B318941DCB064EA825F3D06CE19C82698246FD866D27 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
13:38:55.0815 0x15d4  iaStorA - ok
13:38:55.0880 0x15d4  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
13:38:55.0912 0x15d4  iaStorAV - ok
13:38:55.0958 0x15d4  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:38:55.0978 0x15d4  iaStorV - ok
13:38:56.0046 0x15d4  [ F978C32D6623519A2BD939757C05ECD1, 238F4E6D4D94A68EA1A32424869FF91D77FEB20DAC5CC4CDE8A1767F0B86D8A3 ] ibtsiva         C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
13:38:56.0052 0x15d4  ibtsiva - ok
13:38:56.0097 0x15d4  [ F2A9BCBD6789EAFA50F724AA88F0E301, E4E0FB633B6A5EF12A0F93172484F1AB81264B49515CA4E1A555849BC5EB63F3 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
13:38:56.0109 0x15d4  ibtusb - ok
13:38:56.0117 0x15d4  IEEtwCollectorService - ok
13:38:56.0234 0x15d4  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:38:56.0289 0x15d4  IKEEXT - ok
13:38:56.0573 0x15d4  [ 01E1A06E738C0EBF3F31D782B345B2BD, F2B0E99CD5598865B10DAA3B23308C8D5C153EB4C58D2C42DCC31D40A5D6AACD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:38:56.0784 0x15d4  IntcAzAudAddService - ok
13:38:56.0947 0x15d4  [ C7BB17877A0F2BF70ABD5AF2FEDFA580, 4238FED3BBF94EE29DEC05A55D65023BAD7407F5B53E411E434D839E6E187256 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:38:56.0987 0x15d4  Intel® Capability Licensing Service TCP IP Interface - ok
13:38:57.0051 0x15d4  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
13:38:57.0058 0x15d4  Intel® ME Service - ok
13:38:57.0093 0x15d4  [ 2159516F6832CE0ABF237DF5B018EE2E, E7022D7F985BB0460CDBD7CF68538E64BCD349CEEE021AEAD6804095BF0E9B12 ] IntelHSWPcc     C:\Windows\system32\drivers\IntelPcc.sys
13:38:57.0097 0x15d4  IntelHSWPcc - ok
13:38:57.0116 0x15d4  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:38:57.0118 0x15d4  intelide - ok
13:38:57.0163 0x15d4  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
13:38:57.0165 0x15d4  intelpep - ok
13:38:57.0193 0x15d4  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
13:38:57.0199 0x15d4  intelppm - ok
13:38:57.0241 0x15d4  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:38:57.0246 0x15d4  IpFilterDriver - ok
13:38:57.0352 0x15d4  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:38:57.0399 0x15d4  iphlpsvc - ok
13:38:57.0430 0x15d4  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
13:38:57.0435 0x15d4  IPMIDRV - ok
13:38:57.0450 0x15d4  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:38:57.0458 0x15d4  IPNAT - ok
13:38:57.0541 0x15d4  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:38:57.0573 0x15d4  iPod Service - ok
13:38:57.0613 0x15d4  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:38:57.0615 0x15d4  IRENUM - ok
13:38:57.0625 0x15d4  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:38:57.0627 0x15d4  isapnp - ok
13:38:57.0664 0x15d4  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
13:38:57.0678 0x15d4  iScsiPrt - ok
13:38:57.0728 0x15d4  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
13:38:57.0737 0x15d4  jhi_service - ok
13:38:57.0785 0x15d4  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
13:38:57.0789 0x15d4  kbdclass - ok
13:38:57.0812 0x15d4  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
13:38:57.0815 0x15d4  kbdhid - ok
13:38:57.0847 0x15d4  [ 6C6F4A5FC5A2343995D1B0F111D5CF06, 62282992D3B1634C7BBDD1BCFC13F77FC806AD85B2C667FA09D73355825D19A8 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
13:38:57.0848 0x15d4  kbfiltr - ok
13:38:57.0870 0x15d4  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
13:38:57.0872 0x15d4  kdnic - ok
13:38:57.0895 0x15d4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
13:38:57.0900 0x15d4  KeyIso - ok
13:38:57.0952 0x15d4  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:38:57.0957 0x15d4  KSecDD - ok
13:38:58.0017 0x15d4  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:38:58.0026 0x15d4  KSecPkg - ok
13:38:58.0047 0x15d4  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:38:58.0048 0x15d4  ksthunk - ok
13:38:58.0088 0x15d4  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:38:58.0109 0x15d4  KtmRm - ok
13:38:58.0164 0x15d4  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:38:58.0184 0x15d4  LanmanServer - ok
13:38:58.0247 0x15d4  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:38:58.0265 0x15d4  LanmanWorkstation - ok
13:38:58.0347 0x15d4  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
13:38:58.0374 0x15d4  lfsvc - ok
13:38:58.0402 0x15d4  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:38:58.0406 0x15d4  lltdio - ok
13:38:58.0471 0x15d4  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:38:58.0487 0x15d4  lltdsvc - ok
13:38:58.0538 0x15d4  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:38:58.0542 0x15d4  lmhosts - ok
13:38:58.0593 0x15d4  [ 3714AC47F8675E7B67DDC0D6625406FD, 7467197EDD43CAAF9557625C1A6E5AC11ADA7C02D87196E367385CBB76606359 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:38:58.0612 0x15d4  LMS - ok
13:38:58.0659 0x15d4  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:38:58.0665 0x15d4  LSI_SAS - ok
13:38:58.0685 0x15d4  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:38:58.0690 0x15d4  LSI_SAS2 - ok
13:38:58.0710 0x15d4  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
13:38:58.0715 0x15d4  LSI_SAS3 - ok
13:38:58.0737 0x15d4  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
13:38:58.0742 0x15d4  LSI_SSS - ok
13:38:58.0829 0x15d4  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
13:38:58.0870 0x15d4  LSM - ok
13:38:58.0893 0x15d4  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:38:58.0900 0x15d4  luafv - ok
13:38:58.0963 0x15d4  [ A8E193B92BFE2ADA766CCCE52FFD04D0, C833FF1D4652DC58D85BC685E6779A701A0AA27F33148CF979FB23DC78BE5B3B ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:38:58.0965 0x15d4  MBAMProtector - ok
13:38:59.0088 0x15d4  [ 6F3E4341FD7AD75A07D2CEA1811A568E, 6ED1AF9D0DED802C9800F85AD2A497D4B7282155D0C77FD14EB59F256090277C ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
13:38:59.0144 0x15d4  MBAMService - ok
13:38:59.0197 0x15d4  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
13:38:59.0204 0x15d4  MBAMSwissArmy - ok
13:38:59.0235 0x15d4  [ 0D26EA3022BB9D84B942FB70F505A76D, 805900B4375AEA5467E02CF3D7AA51858FB281CCF5A6000425FAAC534947B385 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:38:59.0239 0x15d4  MBAMWebAccessControl - ok
13:38:59.0264 0x15d4  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
13:38:59.0267 0x15d4  megasas - ok
13:38:59.0333 0x15d4  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
13:38:59.0362 0x15d4  megasr - ok
13:38:59.0406 0x15d4  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
13:38:59.0411 0x15d4  MEIx64 - ok
13:38:59.0463 0x15d4  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
13:38:59.0470 0x15d4  MMCSS - ok
13:38:59.0488 0x15d4  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
13:38:59.0490 0x15d4  Modem - ok
13:38:59.0513 0x15d4  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
13:38:59.0515 0x15d4  monitor - ok
13:38:59.0537 0x15d4  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
13:38:59.0541 0x15d4  mouclass - ok
13:38:59.0586 0x15d4  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
13:38:59.0588 0x15d4  mouhid - ok
13:38:59.0639 0x15d4  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:38:59.0645 0x15d4  mountmgr - ok
13:38:59.0700 0x15d4  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:38:59.0705 0x15d4  mpsdrv - ok
13:38:59.0810 0x15d4  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:38:59.0856 0x15d4  MpsSvc - ok
13:38:59.0953 0x15d4  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:38:59.0960 0x15d4  MRxDAV - ok
13:39:00.0030 0x15d4  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:39:00.0050 0x15d4  mrxsmb - ok
13:39:00.0082 0x15d4  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:39:00.0097 0x15d4  mrxsmb10 - ok
13:39:00.0123 0x15d4  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:39:00.0133 0x15d4  mrxsmb20 - ok
13:39:00.0182 0x15d4  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
13:39:00.0189 0x15d4  MsBridge - ok
13:39:00.0245 0x15d4  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
13:39:00.0255 0x15d4  MSDTC - ok
13:39:00.0300 0x15d4  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:39:00.0303 0x15d4  Msfs - ok
13:39:00.0323 0x15d4  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
13:39:00.0325 0x15d4  msgpiowin32 - ok
13:39:00.0344 0x15d4  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:39:00.0345 0x15d4  mshidkmdf - ok
13:39:00.0354 0x15d4  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
13:39:00.0355 0x15d4  mshidumdf - ok
13:39:00.0380 0x15d4  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:39:00.0382 0x15d4  msisadrv - ok
13:39:00.0413 0x15d4  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:39:00.0423 0x15d4  MSiSCSI - ok
13:39:00.0431 0x15d4  msiserver - ok
13:39:00.0465 0x15d4  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:39:00.0467 0x15d4  MSKSSRV - ok
13:39:00.0521 0x15d4  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
13:39:00.0525 0x15d4  MsLldp - ok
13:39:00.0533 0x15d4  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:39:00.0534 0x15d4  MSPCLOCK - ok
13:39:00.0542 0x15d4  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:39:00.0543 0x15d4  MSPQM - ok
13:39:00.0596 0x15d4  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:39:00.0615 0x15d4  MsRPC - ok
13:39:00.0640 0x15d4  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
13:39:00.0643 0x15d4  mssmbios - ok
13:39:00.0667 0x15d4  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:39:00.0668 0x15d4  MSTEE - ok
13:39:00.0685 0x15d4  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
13:39:00.0686 0x15d4  MTConfig - ok
13:39:00.0706 0x15d4  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
13:39:00.0711 0x15d4  Mup - ok
13:39:00.0735 0x15d4  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
13:39:00.0739 0x15d4  mvumis - ok
13:39:00.0786 0x15d4  [ CD8DD76B58803B36FDC7C6B5D68300DD, 7F8672E22BFC2993A50D85F7749C1007FA7C4010FB51CA44F47B2A3028FEC0B7 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
13:39:00.0799 0x15d4  MyWiFiDHCPDNS - ok
13:39:00.0872 0x15d4  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
13:39:00.0897 0x15d4  napagent - ok
13:39:00.0967 0x15d4  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:39:00.0989 0x15d4  NativeWifiP - ok
13:39:01.0038 0x15d4  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
13:39:01.0049 0x15d4  NcaSvc - ok
13:39:01.0098 0x15d4  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
13:39:01.0109 0x15d4  NcbService - ok
13:39:01.0163 0x15d4  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
13:39:01.0170 0x15d4  NcdAutoSetup - ok
13:39:01.0278 0x15d4  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:39:01.0332 0x15d4  NDIS - ok
13:39:01.0376 0x15d4  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:39:01.0379 0x15d4  NdisCap - ok
13:39:01.0431 0x15d4  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
13:39:01.0438 0x15d4  NdisImPlatform - ok
13:39:01.0464 0x15d4  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:39:01.0466 0x15d4  NdisTapi - ok
13:39:01.0491 0x15d4  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:39:01.0494 0x15d4  Ndisuio - ok
13:39:01.0530 0x15d4  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
13:39:01.0531 0x15d4  NdisVirtualBus - ok
13:39:01.0565 0x15d4  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:39:01.0577 0x15d4  NdisWan - ok
13:39:01.0594 0x15d4  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
13:39:01.0605 0x15d4  NdisWanLegacy - ok
13:39:01.0656 0x15d4  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:39:01.0661 0x15d4  NDProxy - ok
13:39:01.0698 0x15d4  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
13:39:01.0704 0x15d4  Ndu - ok
13:39:01.0757 0x15d4  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:39:01.0760 0x15d4  NetBIOS - ok
13:39:01.0792 0x15d4  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:39:01.0806 0x15d4  NetBT - ok
13:39:01.0823 0x15d4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
13:39:01.0828 0x15d4  Netlogon - ok
13:39:01.0888 0x15d4  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
13:39:01.0904 0x15d4  Netman - ok
13:39:01.0988 0x15d4  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
13:39:02.0018 0x15d4  netprofm - ok
13:39:02.0086 0x15d4  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:39:02.0094 0x15d4  NetTcpPortSharing - ok
13:39:02.0135 0x15d4  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
13:39:02.0140 0x15d4  netvsc - ok
13:39:02.0372 0x15d4  [ 3730BCCB23A3A63B3731721039F374BA, 7DB9F002E23F56380B357124755C8137A2BD5D1E71CF71D7BF68DD30765AAEA5 ] NETwNb64        C:\Windows\system32\DRIVERS\Netwbw02.sys
13:39:02.0542 0x15d4  NETwNb64 - ok
13:39:03.0280 0x15d4  [ 272BB8C52BE106B5CC69171AF1D281D4, 3D65A772C15440DF5895843185241D890CCDECA0E02DD6CF32CCB9B5849E31A4 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
13:39:03.0841 0x15d4  NETwNs64 - ok
13:39:03.0954 0x15d4  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:39:03.0976 0x15d4  NlaSvc - ok
13:39:04.0012 0x15d4  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:39:04.0017 0x15d4  Npfs - ok
13:39:04.0041 0x15d4  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
13:39:04.0043 0x15d4  npsvctrig - ok
13:39:04.0100 0x15d4  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
13:39:04.0105 0x15d4  nsi - ok
13:39:04.0157 0x15d4  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:39:04.0159 0x15d4  nsiproxy - ok
13:39:04.0325 0x15d4  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:39:04.0430 0x15d4  Ntfs - ok
13:39:04.0464 0x15d4  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
13:39:04.0465 0x15d4  Null - ok
13:39:04.0506 0x15d4  [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
13:39:04.0516 0x15d4  NVHDA - ok
13:39:05.0296 0x15d4  [ 021D68672EE26594CFCEDF96C1A7430F, EFBEA1FE31DA6926F2D5D1C7292925B5F20FAA59D0330BFB4A38DBB79BA1D148 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:39:05.0926 0x15d4  nvlddmkm - ok
13:39:06.0214 0x15d4  [ 064DDEC72C818AB8881B607A3836E265, 11A2821B874A7B990C81651F54600F9E1064C67AB94CEC7B36DCCC6EE971DEA0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
13:39:06.0297 0x15d4  NvNetworkService - ok
13:39:06.0328 0x15d4  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:39:06.0336 0x15d4  nvraid - ok
13:39:06.0383 0x15d4  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:39:06.0392 0x15d4  nvstor - ok
13:39:06.0425 0x15d4  [ 9971592B39A038341E8AAE28EA14B95B, 08FCE3B00913DD0F36286A3DFB0C79933B20A5279FD351B99E31F895CBDBA636 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
13:39:06.0426 0x15d4  NvStreamKms - ok
13:39:07.0590 0x15d4  [ 4E4FBA5CE1395937206B85098DEB6321, E0C3D1D667CB2C4EBAEA779767466065F21A1D6EBFD69115FE7A2EEC1C133E64 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
13:39:08.0549 0x15d4  NvStreamSvc - ok
13:39:08.0696 0x15d4  [ BEA9092AE94019C622F0626578B4736D, 832895CAC4E729E4944E519BDBA80B4129B1DA3CC0CBC8E02503E9EA51C1666E ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:39:08.0744 0x15d4  nvsvc - ok
13:39:08.0774 0x15d4  [ 4C24C3BF05653D998662C338A8AC82A3, D5E866D5756488658FBE938FBB4B9D54C92159A3DDF6920AD04157B942920358 ] NVVADARM        C:\Windows\system32\drivers\nvvadarm.sys
13:39:08.0776 0x15d4  NVVADARM - ok
13:39:08.0787 0x15d4  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
13:39:08.0790 0x15d4  nvvad_WaveExtensible - ok
13:39:08.0835 0x15d4  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:39:08.0842 0x15d4  nv_agp - ok
13:39:09.0010 0x15d4  [ 29B093BA6759118DB14AF41026385E03, 660176D122344A79E52FFD9FE3D32D1967D9B22BC4AD76549D839B09693D0713 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
13:39:09.0108 0x15d4  Origin Client Service - ok
13:39:09.0178 0x15d4  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:39:09.0200 0x15d4  p2pimsvc - ok
13:39:09.0266 0x15d4  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
13:39:09.0290 0x15d4  p2psvc - ok
13:39:09.0317 0x15d4  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
13:39:09.0322 0x15d4  Parport - ok
13:39:09.0374 0x15d4  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:39:09.0379 0x15d4  partmgr - ok
13:39:09.0457 0x15d4  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:39:09.0483 0x15d4  PcaSvc - ok
13:39:09.0545 0x15d4  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
13:39:09.0559 0x15d4  pci - ok
13:39:09.0576 0x15d4  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:39:09.0578 0x15d4  pciide - ok
13:39:09.0604 0x15d4  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:39:09.0610 0x15d4  pcmcia - ok
13:39:09.0640 0x15d4  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:39:09.0643 0x15d4  pcw - ok
13:39:09.0687 0x15d4  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
13:39:09.0692 0x15d4  pdc - ok
13:39:09.0735 0x15d4  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:39:09.0769 0x15d4  PEAUTH - ok
13:39:09.0865 0x15d4  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:39:09.0869 0x15d4  PerfHost - ok
13:39:10.0013 0x15d4  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
13:39:10.0092 0x15d4  pla - ok
13:39:10.0146 0x15d4  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:39:10.0155 0x15d4  PlugPlay - ok
13:39:10.0199 0x15d4  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:39:10.0203 0x15d4  PNRPAutoReg - ok
13:39:10.0244 0x15d4  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:39:10.0266 0x15d4  PNRPsvc - ok
13:39:10.0337 0x15d4  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:39:10.0359 0x15d4  PolicyAgent - ok
13:39:10.0417 0x15d4  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
13:39:10.0425 0x15d4  Power - ok
13:39:10.0665 0x15d4  [ C0B3AD50136FE57C2548BD75CAC49DA2, B5661CE7631C5D1B1C50F36EE66AF6DF2E9E69DA1D9BA7C852E74D206F72D8DB ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
13:39:10.0808 0x15d4  PrintNotify - ok
13:39:10.0857 0x15d4  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
13:39:10.0863 0x15d4  Processor - ok
13:39:10.0923 0x15d4  [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc         C:\Windows\system32\profsvc.dll
13:39:10.0938 0x15d4  ProfSvc - ok
13:39:10.0992 0x15d4  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:39:11.0000 0x15d4  Psched - ok
13:39:11.0063 0x15d4  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
13:39:11.0081 0x15d4  QWAVE - ok
13:39:11.0127 0x15d4  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:39:11.0130 0x15d4  QWAVEdrv - ok
13:39:11.0149 0x15d4  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:39:11.0150 0x15d4  RasAcd - ok
13:39:11.0207 0x15d4  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
13:39:11.0215 0x15d4  RasAuto - ok
13:39:11.0292 0x15d4  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
13:39:11.0321 0x15d4  RasMan - ok
13:39:11.0360 0x15d4  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:39:11.0364 0x15d4  RasPppoe - ok
13:39:11.0422 0x15d4  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:39:11.0442 0x15d4  rdbss - ok
13:39:11.0467 0x15d4  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
13:39:11.0469 0x15d4  rdpbus - ok
13:39:11.0500 0x15d4  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:39:11.0510 0x15d4  RDPDR - ok
13:39:11.0567 0x15d4  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:39:11.0569 0x15d4  RdpVideoMiniport - ok
13:39:11.0599 0x15d4  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:39:11.0612 0x15d4  rdyboost - ok
13:39:11.0721 0x15d4  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
13:39:11.0770 0x15d4  ReFS - ok
13:39:11.0857 0x15d4  [ 23D6449B8D2E2A0CA02A09453853F5B0, 227A151C61D94040F3635E6FBC6238CA3378973EC830755674A306DEE7EC2289 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:39:11.0865 0x15d4  RegSrvc - ok


#13 toggleon

toggleon
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 02 September 2015 - 02:14 PM

13:39:11.0935 0x15d4  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:39:11.0949 0x15d4  RemoteAccess - ok
13:39:12.0022 0x15d4  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:39:12.0034 0x15d4  RemoteRegistry - ok
13:39:12.0092 0x15d4  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
13:39:12.0100 0x15d4  RFCOMM - ok
13:39:12.0149 0x15d4  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:39:12.0156 0x15d4  RpcEptMapper - ok
13:39:12.0200 0x15d4  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
13:39:12.0203 0x15d4  RpcLocator - ok
13:39:12.0308 0x15d4  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
13:39:12.0351 0x15d4  RpcSs - ok
13:39:12.0388 0x15d4  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:39:12.0392 0x15d4  rspndr - ok
13:39:12.0468 0x15d4  [ 3AB1AA5155684F40E2F5215A258D2471, 3D6A5F603FA6809651A006EA31F57920A45642B6B9E8EC80E5399D1301F635E4 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
13:39:12.0511 0x15d4  RTL8168 - ok
13:39:12.0531 0x15d4  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
13:39:12.0532 0x15d4  s3cap - ok
13:39:12.0585 0x15d4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
13:39:12.0590 0x15d4  SamSs - ok
13:39:12.0616 0x15d4  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:39:12.0622 0x15d4  sbp2port - ok
13:39:12.0680 0x15d4  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:39:12.0693 0x15d4  SCardSvr - ok
13:39:12.0752 0x15d4  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
13:39:12.0762 0x15d4  ScDeviceEnum - ok
13:39:12.0812 0x15d4  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:39:12.0814 0x15d4  scfilter - ok
13:39:12.0942 0x15d4  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
13:39:13.0007 0x15d4  Schedule - ok
13:39:13.0063 0x15d4  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:39:13.0072 0x15d4  SCPolicySvc - ok
13:39:13.0132 0x15d4  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
13:39:13.0144 0x15d4  sdbus - ok
13:39:13.0168 0x15d4  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
13:39:13.0174 0x15d4  sdstor - ok
13:39:13.0212 0x15d4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:39:13.0215 0x15d4  secdrv - ok
13:39:13.0263 0x15d4  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
13:39:13.0269 0x15d4  seclogon - ok
13:39:13.0324 0x15d4  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
13:39:13.0331 0x15d4  SENS - ok
13:39:13.0396 0x15d4  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:39:13.0412 0x15d4  SensrSvc - ok
13:39:13.0464 0x15d4  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
13:39:13.0468 0x15d4  SerCx - ok
13:39:13.0491 0x15d4  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
13:39:13.0499 0x15d4  SerCx2 - ok
13:39:13.0524 0x15d4  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
13:39:13.0526 0x15d4  Serenum - ok
13:39:13.0548 0x15d4  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
13:39:13.0553 0x15d4  Serial - ok
13:39:13.0593 0x15d4  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
13:39:13.0595 0x15d4  sermouse - ok
13:39:13.0672 0x15d4  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
13:39:13.0692 0x15d4  SessionEnv - ok
13:39:13.0702 0x15d4  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
13:39:13.0704 0x15d4  sfloppy - ok
13:39:13.0795 0x15d4  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:39:13.0819 0x15d4  SharedAccess - ok
13:39:13.0901 0x15d4  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:39:13.0935 0x15d4  ShellHWDetection - ok
13:39:13.0964 0x15d4  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:39:13.0967 0x15d4  SiSRaid2 - ok
13:39:13.0994 0x15d4  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:39:13.0999 0x15d4  SiSRaid4 - ok
13:39:14.0121 0x15d4  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:39:14.0137 0x15d4  SkypeUpdate - ok
13:39:14.0194 0x15d4  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
13:39:14.0199 0x15d4  smphost - ok
13:39:14.0259 0x15d4  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:39:14.0263 0x15d4  SNMPTRAP - ok
13:39:14.0346 0x15d4  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
13:39:14.0367 0x15d4  spaceport - ok
13:39:14.0395 0x15d4  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
13:39:14.0399 0x15d4  SpbCx - ok
13:39:14.0499 0x15d4  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
13:39:14.0544 0x15d4  Spooler - ok
13:39:14.0948 0x15d4  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
13:39:15.0260 0x15d4  sppsvc - ok
13:39:15.0323 0x15d4  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:39:15.0343 0x15d4  srv - ok
13:39:15.0428 0x15d4  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:39:15.0461 0x15d4  srv2 - ok
13:39:15.0495 0x15d4  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:39:15.0508 0x15d4  srvnet - ok
13:39:15.0576 0x15d4  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:39:15.0591 0x15d4  SSDPSRV - ok
13:39:15.0642 0x15d4  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:39:15.0652 0x15d4  SstpSvc - ok
13:39:15.0751 0x15d4  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:39:15.0792 0x15d4  Steam Client Service - ok
13:39:15.0897 0x15d4  [ 9B7FCC5C7642562BCC2249AD2B100C13, C2C6D48D19EB42A14A31E1F9F83D5EB3DBE7B0C83F4E050E6512BC4C9E78A743 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:39:15.0917 0x15d4  Stereo Service - ok
13:39:15.0945 0x15d4  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:39:15.0948 0x15d4  stexstor - ok
13:39:16.0040 0x15d4  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
13:39:16.0076 0x15d4  stisvc - ok
13:39:16.0105 0x15d4  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
13:39:16.0111 0x15d4  storahci - ok
13:39:16.0167 0x15d4  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:39:16.0170 0x15d4  storflt - ok
13:39:16.0197 0x15d4  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
13:39:16.0200 0x15d4  stornvme - ok
13:39:16.0252 0x15d4  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
13:39:16.0257 0x15d4  StorSvc - ok
13:39:16.0283 0x15d4  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:39:16.0286 0x15d4  storvsc - ok
13:39:16.0332 0x15d4  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
13:39:16.0337 0x15d4  svsvc - ok
13:39:16.0386 0x15d4  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
13:39:16.0387 0x15d4  swenum - ok
13:39:16.0483 0x15d4  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
13:39:16.0521 0x15d4  swprv - ok
13:39:16.0633 0x15d4  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
13:39:16.0696 0x15d4  SysMain - ok
13:39:16.0757 0x15d4  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
13:39:16.0775 0x15d4  SystemEventsBroker - ok
13:39:16.0830 0x15d4  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:39:16.0841 0x15d4  TabletInputService - ok
13:39:16.0909 0x15d4  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:39:16.0928 0x15d4  TapiSrv - ok
13:39:17.0121 0x15d4  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:39:17.0243 0x15d4  Tcpip - ok
13:39:17.0387 0x15d4  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:39:17.0508 0x15d4  TCPIP6 - ok
13:39:17.0567 0x15d4  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:39:17.0570 0x15d4  tcpipreg - ok
13:39:17.0596 0x15d4  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:39:17.0602 0x15d4  tdx - ok
13:39:17.0623 0x15d4  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
13:39:17.0626 0x15d4  terminpt - ok
13:39:17.0727 0x15d4  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
13:39:17.0784 0x15d4  TermService - ok
13:39:17.0839 0x15d4  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
13:39:17.0846 0x15d4  Themes - ok
13:39:17.0891 0x15d4  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:39:17.0897 0x15d4  THREADORDER - ok
13:39:18.0032 0x15d4  [ A586B62FA61CB4C7DCE6C72E19B0902C, 7038FD727DB0FFE027A4FD91DCD326E98F7F1C4E0FF4D61DE58B84B00A402CB1 ] ThunderboltService C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe
13:39:18.0089 0x15d4  ThunderboltService - ok
13:39:18.0150 0x15d4  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
13:39:18.0167 0x15d4  TimeBroker - ok
13:39:18.0216 0x15d4  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
13:39:18.0224 0x15d4  TPM - ok
13:39:18.0279 0x15d4  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
13:39:18.0289 0x15d4  TrkWks - ok
13:39:18.0345 0x15d4  [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
13:39:18.0347 0x15d4  TrueSight - ok
13:39:18.0429 0x15d4  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:39:18.0435 0x15d4  TrustedInstaller - ok
13:39:18.0467 0x15d4  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:39:18.0470 0x15d4  TsUsbFlt - ok
13:39:18.0519 0x15d4  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
13:39:18.0522 0x15d4  TsUsbGD - ok
13:39:18.0563 0x15d4  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:39:18.0571 0x15d4  tunnel - ok
13:39:18.0595 0x15d4  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:39:18.0599 0x15d4  uagp35 - ok
13:39:18.0623 0x15d4  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
13:39:18.0627 0x15d4  UASPStor - ok
13:39:18.0686 0x15d4  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
13:39:18.0696 0x15d4  UCX01000 - ok
13:39:18.0757 0x15d4  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:39:18.0773 0x15d4  udfs - ok
13:39:18.0819 0x15d4  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
13:39:18.0821 0x15d4  UEFI - ok
13:39:18.0866 0x15d4  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:39:18.0872 0x15d4  UI0Detect - ok
13:39:18.0899 0x15d4  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:39:18.0903 0x15d4  uliagpkx - ok
13:39:18.0926 0x15d4  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
13:39:18.0929 0x15d4  umbus - ok
13:39:18.0954 0x15d4  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
13:39:18.0955 0x15d4  UmPass - ok
13:39:19.0017 0x15d4  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:39:19.0036 0x15d4  UmRdpService - ok
13:39:19.0117 0x15d4  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
13:39:19.0143 0x15d4  upnphost - ok
13:39:19.0196 0x15d4  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
13:39:19.0199 0x15d4  USBAAPL64 - ok
13:39:19.0296 0x15d4  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
13:39:19.0304 0x15d4  usbccgp - ok
13:39:19.0334 0x15d4  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
13:39:19.0339 0x15d4  usbcir - ok
13:39:19.0369 0x15d4  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
13:39:19.0374 0x15d4  usbehci - ok
13:39:19.0422 0x15d4  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
13:39:19.0458 0x15d4  usbhub - ok
13:39:19.0591 0x15d4  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
13:39:19.0615 0x15d4  USBHUB3 - ok
13:39:19.0644 0x15d4  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
13:39:19.0647 0x15d4  usbohci - ok
13:39:19.0664 0x15d4  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
13:39:19.0666 0x15d4  usbprint - ok
13:39:19.0724 0x15d4  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
13:39:19.0732 0x15d4  USBSTOR - ok
13:39:19.0754 0x15d4  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
13:39:19.0757 0x15d4  usbuhci - ok
13:39:19.0812 0x15d4  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:39:19.0823 0x15d4  usbvideo - ok
13:39:19.0894 0x15d4  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
13:39:19.0910 0x15d4  USBXHCI - ok
13:39:19.0929 0x15d4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
13:39:19.0934 0x15d4  VaultSvc - ok
13:39:19.0967 0x15d4  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:39:19.0970 0x15d4  vdrvroot - ok
13:39:20.0110 0x15d4  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
13:39:20.0177 0x15d4  vds - ok
13:39:20.0217 0x15d4  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
13:39:20.0226 0x15d4  VerifierExt - ok
13:39:20.0331 0x15d4  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
13:39:20.0359 0x15d4  vhdmp - ok
13:39:20.0397 0x15d4  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:39:20.0399 0x15d4  viaide - ok
13:39:20.0459 0x15d4  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:39:20.0465 0x15d4  vmbus - ok
13:39:20.0491 0x15d4  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
13:39:20.0493 0x15d4  VMBusHID - ok
13:39:20.0560 0x15d4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
13:39:20.0588 0x15d4  vmicguestinterface - ok
13:39:20.0622 0x15d4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
13:39:20.0650 0x15d4  vmicheartbeat - ok
13:39:20.0684 0x15d4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
13:39:20.0711 0x15d4  vmickvpexchange - ok
13:39:20.0746 0x15d4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
13:39:20.0774 0x15d4  vmicrdv - ok
13:39:20.0807 0x15d4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
13:39:20.0835 0x15d4  vmicshutdown - ok
13:39:20.0885 0x15d4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
13:39:20.0913 0x15d4  vmictimesync - ok
13:39:20.0947 0x15d4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
13:39:20.0974 0x15d4  vmicvss - ok
13:39:21.0012 0x15d4  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:39:21.0016 0x15d4  volmgr - ok
13:39:21.0051 0x15d4  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:39:21.0070 0x15d4  volmgrx - ok
13:39:21.0101 0x15d4  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:39:21.0117 0x15d4  volsnap - ok
13:39:21.0139 0x15d4  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
13:39:21.0143 0x15d4  vpci - ok
13:39:21.0172 0x15d4  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:39:21.0182 0x15d4  vsmraid - ok
13:39:21.0310 0x15d4  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\Windows\system32\vssvc.exe
13:39:21.0384 0x15d4  VSS - ok
13:39:21.0439 0x15d4  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
13:39:21.0454 0x15d4  VSTXRAID - ok
13:39:21.0479 0x15d4  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:39:21.0481 0x15d4  vwifibus - ok
13:39:21.0500 0x15d4  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:39:21.0504 0x15d4  vwififlt - ok
13:39:21.0528 0x15d4  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:39:21.0531 0x15d4  vwifimp - ok
13:39:21.0602 0x15d4  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
13:39:21.0626 0x15d4  W32Time - ok
13:39:21.0658 0x15d4  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
13:39:21.0660 0x15d4  WacomPen - ok
13:39:21.0787 0x15d4  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
13:39:21.0867 0x15d4  wbengine - ok
13:39:21.0921 0x15d4  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:39:21.0947 0x15d4  WbioSrvc - ok
13:39:22.0014 0x15d4  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
13:39:22.0036 0x15d4  Wcmsvc - ok
13:39:22.0084 0x15d4  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:39:22.0110 0x15d4  wcncsvc - ok
13:39:22.0158 0x15d4  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:39:22.0164 0x15d4  WcsPlugInService - ok
13:39:22.0216 0x15d4  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
13:39:22.0219 0x15d4  WdBoot - ok
13:39:22.0294 0x15d4  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:39:22.0336 0x15d4  Wdf01000 - ok
13:39:22.0374 0x15d4  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
13:39:22.0388 0x15d4  WdFilter - ok
13:39:22.0436 0x15d4  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:39:22.0445 0x15d4  WdiServiceHost - ok
13:39:22.0455 0x15d4  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:39:22.0464 0x15d4  WdiSystemHost - ok
13:39:22.0515 0x15d4  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
13:39:22.0521 0x15d4  WdNisDrv - ok
13:39:22.0550 0x15d4  WdNisSvc - ok
13:39:22.0611 0x15d4  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
13:39:22.0626 0x15d4  WebClient - ok
13:39:22.0696 0x15d4  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:39:22.0710 0x15d4  Wecsvc - ok
13:39:22.0765 0x15d4  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
13:39:22.0770 0x15d4  WEPHOSTSVC - ok
13:39:22.0812 0x15d4  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:39:22.0820 0x15d4  wercplsupport - ok
13:39:22.0854 0x15d4  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
13:39:22.0863 0x15d4  WerSvc - ok
13:39:22.0904 0x15d4  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
13:39:22.0912 0x15d4  WFPLWFS - ok
13:39:22.0935 0x15d4  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
13:39:22.0942 0x15d4  WiaRpc - ok
13:39:22.0969 0x15d4  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:39:22.0972 0x15d4  WIMMount - ok
13:39:22.0977 0x15d4  WinDefend - ok
13:39:23.0083 0x15d4  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
13:39:23.0126 0x15d4  WinHttpAutoProxySvc - ok
13:39:23.0228 0x15d4  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:39:23.0241 0x15d4  Winmgmt - ok
13:39:23.0434 0x15d4  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:39:23.0571 0x15d4  WinRM - ok
13:39:23.0616 0x15d4  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\System32\drivers\WinUSB.sys
13:39:23.0621 0x15d4  WinUsb - ok
13:39:23.0731 0x15d4  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
13:39:23.0810 0x15d4  WlanSvc - ok
13:39:23.0951 0x15d4  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
13:39:24.0035 0x15d4  wlidsvc - ok
13:39:24.0056 0x15d4  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
13:39:24.0058 0x15d4  WmiAcpi - ok
13:39:24.0121 0x15d4  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:39:24.0133 0x15d4  wmiApSrv - ok
13:39:24.0161 0x15d4  WMPNetworkSvc - ok
13:39:24.0195 0x15d4  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
13:39:24.0204 0x15d4  Wof - ok
13:39:24.0349 0x15d4  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
13:39:24.0434 0x15d4  workfolderssvc - ok
13:39:24.0479 0x15d4  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
13:39:24.0482 0x15d4  wpcfltr - ok
13:39:24.0527 0x15d4  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:39:24.0532 0x15d4  WPCSvc - ok
13:39:24.0588 0x15d4  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:39:24.0596 0x15d4  WPDBusEnum - ok
13:39:24.0612 0x15d4  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
13:39:24.0614 0x15d4  WpdUpFltr - ok
13:39:24.0656 0x15d4  [ A7BE5632F68A8A9CC16FF8310687FAD8, 193CB636FC57E31CCCCBBE2B03FBC852496CEB2E751ADAE325136FDD661FE4A1 ] WRkrn           C:\Windows\system32\drivers\WRkrn.sys
13:39:24.0663 0x15d4  WRkrn - ok
13:39:24.0735 0x15d4  [ 9C92F1DE6A6E61804AF13B512342F72E, 63E7286478D4DC13B0CE1DFF5592E0D405EAEF9FF1273EE678BBA37FEB7A0E97 ] WRSVC           C:\Program Files\Webroot\WRSA.exe
13:39:24.0776 0x15d4  WRSVC - ok
13:39:24.0825 0x15d4  [ D28DB7F5E40D885CE398C2E66B99C78D, 451636B20B5B58D417ED2D790D68505925B3048C33E42B3215BFC5DC124B57AE ] wrUrlFlt        C:\Windows\system32\DRIVERS\wrUrlFlt.sys
13:39:24.0828 0x15d4  wrUrlFlt - ok
13:39:24.0845 0x15d4  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:39:24.0847 0x15d4  ws2ifsl - ok
13:39:24.0904 0x15d4  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
13:39:24.0915 0x15d4  wscsvc - ok
13:39:24.0924 0x15d4  WSearch - ok
13:39:25.0174 0x15d4  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
13:39:25.0345 0x15d4  WSService - ok
13:39:25.0619 0x15d4  [ BB6F53F80AA1789815963C16E303A973, B140D5A4633C39E84A5C7DB86C7E869FB5D993B924998BF8CC2B8F07E382CCEA ] wuauserv        C:\Windows\system32\wuaueng.dll
13:39:25.0802 0x15d4  wuauserv - ok
13:39:25.0862 0x15d4  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:39:25.0868 0x15d4  WudfPf - ok
13:39:25.0907 0x15d4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
13:39:25.0919 0x15d4  WUDFRd - ok
13:39:25.0936 0x15d4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\Windows\System32\drivers\WUDFRd.sys
13:39:25.0948 0x15d4  WUDFSensorLP - ok
13:39:25.0998 0x15d4  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:39:26.0007 0x15d4  wudfsvc - ok
13:39:26.0027 0x15d4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
13:39:26.0038 0x15d4  WUDFWpdMtp - ok
13:39:26.0114 0x15d4  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:39:26.0143 0x15d4  WwanSvc - ok
13:39:26.0150 0x15d4  xhunter1 - ok
13:39:26.0414 0x15d4  [ 75044F6FC44045047B15415B89E4D1B4, 43461141A326B99C218C3712725767C08825963EA9D430CBA03D4978E15EF23E ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
13:39:26.0600 0x15d4  ZeroConfigService - ok
13:39:26.0659 0x15d4  ================ Scan global ===============================
13:39:26.0709 0x15d4  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
13:39:26.0776 0x15d4  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
13:39:26.0831 0x15d4  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
13:39:26.0905 0x15d4  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
13:39:26.0929 0x15d4  [ Global ] - ok
13:39:26.0930 0x15d4  ================ Scan MBR ==================================
13:39:26.0949 0x15d4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:39:26.0969 0x15d4  \Device\Harddisk0\DR0 - ok
13:39:26.0970 0x15d4  ================ Scan VBR ==================================
13:39:26.0975 0x15d4  [ 14FBCDF808AD77ACFB9679739B937A76 ] \Device\Harddisk0\DR0\Partition1
13:39:27.0029 0x15d4  \Device\Harddisk0\DR0\Partition1 - ok
13:39:27.0051 0x15d4  [ 73A596BF8B3B0C4789CB9EF07BCC05F0 ] \Device\Harddisk0\DR0\Partition2
13:39:27.0114 0x15d4  \Device\Harddisk0\DR0\Partition2 - ok
13:39:27.0127 0x15d4  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
13:39:27.0128 0x15d4  \Device\Harddisk0\DR0\Partition3 - ok
13:39:27.0137 0x15d4  [ D42978EF689F12DAE5BF27589FD3A0F2 ] \Device\Harddisk0\DR0\Partition4
13:39:27.0206 0x15d4  \Device\Harddisk0\DR0\Partition4 - ok
13:39:27.0232 0x15d4  [ C0CBC4492B109D63ED2D07FCD10FBD4A ] \Device\Harddisk0\DR0\Partition5
13:39:27.0252 0x15d4  \Device\Harddisk0\DR0\Partition5 - ok
13:39:27.0253 0x15d4  ================ Scan generic autorun ======================
13:39:27.0436 0x15d4  [ E515A22A8DB5350A94248FBCF09F089D, 8C6859D81DAE4F01EDA958A26BDFE351D7ACEF7755B9AA831552DC64069F2E22 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:39:27.0556 0x15d4  NvBackend - ok
13:39:27.0614 0x15d4  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
13:39:27.0620 0x15d4  ShadowPlay - ok
13:39:27.0621 0x15d4  ETDCtrl - ok
13:39:27.0638 0x15d4  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
13:39:27.0644 0x15d4  Logitech Download Assistant - ok
13:39:27.0702 0x15d4  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
13:39:27.0710 0x15d4  iTunesHelper - ok
13:39:27.0788 0x15d4  [ EC160CC63955C4C4845C056962F9987F, 99AC2E788982742B9539C519F2E779C78C34CDF8CACBB4D34FF20F3E47981F5D ] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
13:39:27.0792 0x15d4  WebStorage - ok
13:39:27.0853 0x15d4  [ 724B6062BE3453798619A1E6037FEE3B, F689F42B3C622202FCD6535911EA970951C64D995A8D402A189770F347518349 ] C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
13:39:27.0875 0x15d4  ROGNB - ok
13:39:28.0055 0x15d4  [ 67A288BF454228D0F00E965C28D79174, C7959A12A5BAB2456B3D639E258A45EA2B0A9AEF52DE6D18D2C2BFA354F1D253 ] C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe
13:39:28.0158 0x15d4  ASUS ROG MacroKey - ok
13:39:28.0212 0x15d4  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
13:39:28.0216 0x15d4  amd_dc_opt - ok
13:39:28.0286 0x15d4  [ 9C92F1DE6A6E61804AF13B512342F72E, 63E7286478D4DC13B0CE1DFF5592E0D405EAEF9FF1273EE678BBA37FEB7A0E97 ] C:\Program Files\Webroot\WRSA.exe
13:39:28.0325 0x15d4  WRSVC - ok
13:39:28.0390 0x15d4  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:39:28.0418 0x15d4  SunJavaUpdateSched - ok
13:39:28.0660 0x15d4  [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\steam.exe
13:39:28.0797 0x15d4  Steam - ok
13:39:29.0071 0x15d4  [ F2B4338E54D09E15E28E170B3EB2B430, 6B7008C4D58806D8D67F0E860138A1660BAC3000CE239C34480E40379F792B6F ] C:\Program Files (x86)\Origin\Origin.exe
13:39:29.0243 0x15d4  EADM - ok
13:39:29.0821 0x15d4  [ FCDACA1AF0B509E66743B77219D945FD, 9824753462013A7F1854E7CB33A377EE294CDEF2AE69CF07FB8DAC9BB8EF42BA ] C:\Users\Eva1\AppData\Roaming\Spotify\Spotify.exe
13:39:30.0168 0x15d4  Spotify - ok
13:39:30.0315 0x15d4  [ 737D03644DF148E71E39D371B8E425CE, 8C0FCA191959DD8F0B96EC5EF3441759881F3AE087B3525B20701B5AE122C3A9 ] C:\Program Files (x86)\Clownfish\Clownfish.exe
13:39:30.0383 0x15d4  Clownfish - ok
13:39:30.0536 0x15d4  [ EB3FC00CB2703FDA6081B4ED33C943F0, 256D8083ED18F80C9871FC1B4E146E33692989F673F5FE45A9C648BB66218991 ] C:\Users\Eva1\AppData\Roaming\Spotify\SpotifyWebHelper.exe
13:39:30.0632 0x15d4  Spotify Web Helper - ok
13:39:30.0638 0x15d4  Waiting for KSN requests completion. In queue: 133
13:39:31.0638 0x15d4  Waiting for KSN requests completion. In queue: 133
13:39:32.0639 0x15d4  Waiting for KSN requests completion. In queue: 133
13:39:33.0704 0x15d4  AV detected via SS2: Webroot SecureAnywhere, C:\Program Files\Webroot\WRSA.exe ( 9.0.2.21 ), 0x41000 ( enabled : updated )
13:39:33.0705 0x15d4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
13:39:33.0712 0x15d4  Win FW state via NFP2: enabled ( trusted )
13:39:36.0234 0x15d4  ============================================================
13:39:36.0234 0x15d4  Scan finished
13:39:36.0234 0x15d4  ============================================================
13:39:36.0253 0x22c4  Detected object count: 0
13:39:36.0253 0x22c4  Actual detected object count: 0
13:40:50.0852 0x1370  ============================================================
13:40:50.0852 0x1370  Scan started
13:40:50.0852 0x1370  Mode: Manual; SigCheck; TDLFS; 
13:40:50.0852 0x1370  ============================================================
13:40:50.0853 0x1370  KSN ping started
13:40:53.0392 0x1370  KSN ping finished: true
13:40:55.0316 0x1370  ================ Scan system memory ========================
13:40:55.0316 0x1370  System memory - ok
13:40:55.0317 0x1370  ================ Scan services =============================
13:40:55.0509 0x1370  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
13:40:55.0604 0x1370  1394ohci - ok
13:40:55.0677 0x1370  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
13:40:55.0708 0x1370  3ware - ok
13:40:55.0803 0x1370  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:40:55.0866 0x1370  ACPI - ok
13:40:55.0897 0x1370  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
13:40:55.0926 0x1370  acpiex - ok
13:40:55.0961 0x1370  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
13:40:55.0986 0x1370  acpipagr - ok
13:40:55.0995 0x1370  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
13:40:56.0021 0x1370  AcpiPmi - ok
13:40:56.0031 0x1370  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
13:40:56.0058 0x1370  acpitime - ok
13:40:56.0125 0x1370  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
13:40:56.0206 0x1370  ADP80XX - ok
13:40:56.0274 0x1370  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:40:56.0315 0x1370  AeLookupSvc - ok
13:40:56.0370 0x1370  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
13:40:56.0431 0x1370  AFD - ok
13:40:56.0515 0x1370  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
13:40:56.0610 0x1370  AgereSoftModem - ok
13:40:56.0650 0x1370  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:40:56.0676 0x1370  agp440 - ok
13:40:56.0725 0x1370  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
13:40:56.0755 0x1370  ahcache - ok
13:40:56.0791 0x1370  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
13:40:56.0819 0x1370  AiCharger - ok
13:40:56.0870 0x1370  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
13:40:56.0899 0x1370  ALG - ok
13:40:56.0926 0x1370  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
13:40:56.0955 0x1370  AmdK8 - ok
13:40:56.0984 0x1370  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
13:40:57.0012 0x1370  AmdPPM - ok
13:40:57.0045 0x1370  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:40:57.0072 0x1370  amdsata - ok
13:40:57.0095 0x1370  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:40:57.0135 0x1370  amdsbs - ok
13:40:57.0159 0x1370  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:40:57.0183 0x1370  amdxata - ok
13:40:57.0242 0x1370  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
13:40:57.0271 0x1370  AppID - ok
13:40:57.0326 0x1370  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:40:57.0354 0x1370  AppIDSvc - ok
13:40:57.0404 0x1370  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
13:40:57.0436 0x1370  Appinfo - ok
13:40:57.0545 0x1370  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:40:57.0566 0x1370  Apple Mobile Device Service - ok
13:40:57.0643 0x1370  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
13:40:57.0702 0x1370  AppReadiness - ok
13:40:57.0910 0x1370  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
13:40:58.0018 0x1370  AppXSvc - ok
13:40:58.0073 0x1370  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:40:58.0106 0x1370  arcsas - ok
13:40:58.0205 0x1370  [ 564CB886D1A968B9798C1AB03F4EB54F, F7F73E5C17C0848462860E367215F5D9D4C52E1AA26B3154EC60BA14CBD56556 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
13:40:58.0229 0x1370  ASLDRService - ok
13:40:58.0267 0x1370  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:40:58.0283 0x1370  ASMMAP64 - ok
13:40:58.0330 0x1370  [ DB5610839DBEBE48AA963DFA96FD7103, AADB0D5BFE8C28E31266FA48FEE41B82DC8B5D6F3E12238AD3E06C800F2D72A8 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
13:40:58.0342 0x1370  Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )
13:40:58.0510 0x1370  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - warning
13:41:01.0139 0x1370  [ 36D09B8F7ABFA3C6BE5A9101F8B6A6E5, 0A5C36D146D73707DCDA263EF96063C63E5B32591EC0C9D781422F729E554D3A ] ASUSGiftBoxDekstop C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
13:41:01.0174 0x1370  ASUSGiftBoxDekstop - ok
13:41:01.0222 0x1370  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:41:01.0248 0x1370  atapi - ok
13:41:01.0274 0x1370  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:41:01.0294 0x1370  ATKGFNEXSrv - ok
13:41:01.0357 0x1370  [ C435191FAD19B43E5C3082E4275DCE75, 12D8AF471CA89FE59790092EF3274D638B4B978F1F061423F8D70F270121CF7A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:41:01.0374 0x1370  ATKWMIACPIIO - ok
13:41:01.0457 0x1370  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
13:41:01.0503 0x1370  AudioEndpointBuilder - ok
13:41:01.0589 0x1370  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:41:01.0671 0x1370  Audiosrv - ok
13:41:01.0731 0x1370  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:41:01.0762 0x1370  AxInstSV - ok
13:41:01.0834 0x1370  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:41:01.0896 0x1370  b06bdrv - ok
13:41:01.0929 0x1370  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
13:41:01.0958 0x1370  BasicDisplay - ok
13:41:01.0989 0x1370  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
13:41:02.0015 0x1370  BasicRender - ok
13:41:02.0066 0x1370  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
13:41:02.0083 0x1370  bcmfn2 - ok
13:41:02.0166 0x1370  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
13:41:02.0212 0x1370  BDESVC - ok
13:41:02.0239 0x1370  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
13:41:02.0267 0x1370  Beep - ok
13:41:02.0379 0x1370  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\Windows\System32\bfe.dll
13:41:02.0457 0x1370  BFE - ok
13:41:02.0571 0x1370  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
13:41:02.0658 0x1370  BITS - ok
13:41:02.0737 0x1370  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:41:02.0778 0x1370  Bonjour Service - ok
13:41:02.0817 0x1370  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:41:02.0847 0x1370  bowser - ok
13:41:02.0909 0x1370  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
13:41:02.0951 0x1370  BrokerInfrastructure - ok
13:41:03.0008 0x1370  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
13:41:03.0040 0x1370  Browser - ok
13:41:03.0071 0x1370  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
13:41:03.0098 0x1370  BthAvrcpTg - ok
13:41:03.0145 0x1370  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
13:41:03.0184 0x1370  BthEnum - ok
13:41:03.0238 0x1370  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
13:41:03.0265 0x1370  BthHFEnum - ok
13:41:03.0312 0x1370  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
13:41:03.0338 0x1370  bthhfhid - ok
13:41:03.0419 0x1370  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
13:41:03.0463 0x1370  BthHFSrv - ok
13:41:03.0551 0x1370  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
13:41:03.0587 0x1370  BthLEEnum - ok
13:41:03.0618 0x1370  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
13:41:03.0647 0x1370  BTHMODEM - ok
13:41:03.0675 0x1370  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:41:03.0705 0x1370  BthPan - ok
13:41:03.0840 0x1370  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
13:41:03.0935 0x1370  BTHPORT - ok
13:41:03.0987 0x1370  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
13:41:04.0016 0x1370  bthserv - ok
13:41:04.0072 0x1370  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
13:41:04.0100 0x1370  BTHUSB - ok
13:41:04.0140 0x1370  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:41:04.0182 0x1370  cdfs - ok
13:41:04.0212 0x1370  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
13:41:04.0246 0x1370  cdrom - ok
13:41:04.0299 0x1370  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:41:04.0395 0x1370  CertPropSvc - ok
13:41:04.0418 0x1370  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
13:41:04.0447 0x1370  circlass - ok
13:41:04.0523 0x1370  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
13:41:04.0574 0x1370  CLFS - ok
13:41:04.0654 0x1370  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
13:41:04.0679 0x1370  CmBatt - ok
13:41:04.0738 0x1370  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:41:04.0803 0x1370  CNG - ok
13:41:04.0822 0x1370  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
13:41:04.0851 0x1370  CompositeBus - ok
13:41:04.0861 0x1370  COMSysApp - ok
13:41:04.0890 0x1370  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
13:41:04.0919 0x1370  condrv - ok
13:41:04.0979 0x1370  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:41:05.0019 0x1370  CryptSvc - ok
13:41:05.0044 0x1370  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
13:41:05.0070 0x1370  dam - ok
13:41:05.0163 0x1370  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:41:05.0239 0x1370  DcomLaunch - ok
13:41:05.0336 0x1370  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
13:41:05.0391 0x1370  defragsvc - ok
13:41:05.0462 0x1370  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
13:41:05.0513 0x1370  DeviceAssociationService - ok
13:41:05.0564 0x1370  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
13:41:05.0597 0x1370  DeviceInstall - ok
13:41:05.0617 0x1370  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
13:41:05.0648 0x1370  Dfsc - ok
13:41:05.0718 0x1370  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:41:05.0783 0x1370  Dhcp - ok
13:41:05.0919 0x1370  [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack       C:\Windows\system32\diagtrack.dll
13:41:06.0029 0x1370  DiagTrack - ok
13:41:06.0073 0x1370  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
13:41:06.0101 0x1370  disk - ok
13:41:06.0118 0x1370  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
13:41:06.0143 0x1370  dmvsc - ok
13:41:06.0199 0x1370  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:41:06.0239 0x1370  Dnscache - ok
13:41:06.0297 0x1370  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:41:06.0339 0x1370  dot3svc - ok
13:41:06.0400 0x1370  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
13:41:06.0438 0x1370  DPS - ok
13:41:06.0482 0x1370  [ F07F814FF63E42C2FB1EE9344012A435, A58292306C4F9867D04767180A7D019B42AC29C7C91A24B15386267C2DC14100 ] DriverMFTService C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe
13:41:06.0490 0x1370  DriverMFTService - detected UnsignedFile.Multi.Generic ( 1 )
13:41:06.0490 0x1370  Detect skipped due to KSN trusted
13:41:06.0490 0x1370  DriverMFTService - ok
13:41:06.0532 0x1370  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:41:06.0555 0x1370  drmkaud - ok
13:41:06.0606 0x1370  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
13:41:06.0644 0x1370  DsmSvc - ok
13:41:06.0779 0x1370  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:41:06.0912 0x1370  DXGKrnl - ok
13:41:06.0976 0x1370  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\Windows\system32\DRIVERS\e1i63x64.sys
13:41:07.0029 0x1370  e1iexpress - ok
13:41:07.0082 0x1370  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
13:41:07.0122 0x1370  Eaphost - ok
13:41:07.0343 0x1370  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:41:07.0607 0x1370  ebdrv - ok
13:41:07.0669 0x1370  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
13:41:07.0697 0x1370  EFS - ok
13:41:07.0723 0x1370  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
13:41:07.0751 0x1370  EhStorClass - ok
13:41:07.0784 0x1370  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
13:41:07.0814 0x1370  EhStorTcgDrv - ok
13:41:07.0849 0x1370  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
13:41:07.0873 0x1370  ErrDev - ok
13:41:07.0946 0x1370  [ 7192128B9FDD9F16B8E8CD745509B2C5, FFD31D00E29F5764504F2C35516454B0D212F10FABDD92F5231F7C19D9A9A1F3 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
13:41:07.0986 0x1370  ETD - ok
13:41:08.0054 0x1370  [ 936D7C30A2B4469C25F511E49DAB926D, 07954ACCE9EC9863D8EB57326545A961E8719D4939D29ECD0694FDF8B73FC325 ] ETDService      C:\Program Files\Elantech\ETDService.exe
13:41:08.0075 0x1370  ETDService - ok
13:41:08.0166 0x1370  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
13:41:08.0223 0x1370  EventSystem - ok
13:41:08.0322 0x1370  [ 323740D842252032D57B5DED757C65D5, 617875CA136E0CDA7C4856C4D0C2B233EE09078E5B46C515CA2476CCCE44AF00 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:41:08.0377 0x1370  EvtEng - ok
13:41:08.0411 0x1370  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:41:08.0462 0x1370  exfat - ok
13:41:08.0497 0x1370  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:41:08.0535 0x1370  fastfat - ok
13:41:08.0636 0x1370  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
13:41:08.0700 0x1370  Fax - ok
13:41:08.0726 0x1370  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
13:41:08.0753 0x1370  fdc - ok
13:41:08.0820 0x1370  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:41:08.0846 0x1370  fdPHost - ok
13:41:08.0889 0x1370  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:41:08.0918 0x1370  FDResPub - ok
13:41:08.0971 0x1370  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
13:41:09.0004 0x1370  fhsvc - ok
13:41:09.0026 0x1370  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:41:09.0053 0x1370  FileInfo - ok
13:41:09.0077 0x1370  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:41:09.0117 0x1370  Filetrace - ok
13:41:09.0138 0x1370  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
13:41:09.0165 0x1370  flpydisk - ok
13:41:09.0237 0x1370  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:41:09.0285 0x1370  FltMgr - ok
13:41:09.0418 0x1370  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\Windows\system32\FntCache.dll
13:41:09.0525 0x1370  FontCache - ok
13:41:09.0620 0x1370  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:41:09.0645 0x1370  FontCache3.0.0.0 - ok
13:41:09.0695 0x1370  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:41:09.0721 0x1370  FsDepends - ok
13:41:09.0761 0x1370  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:41:09.0786 0x1370  Fs_Rec - ok
13:41:09.0839 0x1370  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:41:09.0904 0x1370  fvevol - ok
13:41:09.0930 0x1370  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
13:41:09.0956 0x1370  FxPPM - ok
13:41:09.0980 0x1370  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:41:10.0006 0x1370  gagp30kx - ok
13:41:10.0065 0x1370  [ 4A336C92A790A3F7C2D9952C73FCFA16, 2EB400EBAA2B50A97F442D18107316A172A92660F5D712D1C58D39172C9CD80C ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
13:41:10.0094 0x1370  GamesAppIntegrationService - ok
13:41:10.0126 0x1370  [ A404AE536DD73FC8118A15BFF0BD4FC0, EA24D7866FEB40DD72713601E14DBDA60497324222196B8E0791DA656DBF5DA7 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
13:41:10.0152 0x1370  GamesAppService - ok
13:41:10.0205 0x1370  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:41:10.0222 0x1370  GEARAspiWDM - ok
13:41:10.0252 0x1370  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
13:41:10.0277 0x1370  gencounter - ok
13:41:10.0392 0x1370  [ E8B0D36DC2C5B9F06A10D23F24238C72, B84F0789CB5ADEA5062B8F1E45B33A8ABF890EDE4423AB8A39FC3E1C25EFC5EB ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
13:41:10.0476 0x1370  GfExperienceService - ok
13:41:10.0517 0x1370  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
13:41:10.0550 0x1370  GPIOClx0101 - ok
13:41:10.0672 0x1370  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:41:10.0782 0x1370  gpsvc - ok
13:41:10.0844 0x1370  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:41:10.0866 0x1370  gupdate - ok
13:41:10.0882 0x1370  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:41:10.0903 0x1370  gupdatem - ok
13:41:10.0959 0x1370  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:41:11.0007 0x1370  HdAudAddService - ok
13:41:11.0030 0x1370  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
13:41:11.0059 0x1370  HDAudBus - ok
13:41:11.0088 0x1370  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
13:41:11.0113 0x1370  HidBatt - ok
13:41:11.0158 0x1370  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
13:41:11.0187 0x1370  HidBth - ok
13:41:11.0222 0x1370  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
13:41:11.0250 0x1370  hidi2c - ok
13:41:11.0273 0x1370  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
13:41:11.0300 0x1370  HidIr - ok
13:41:11.0349 0x1370  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
13:41:11.0376 0x1370  hidserv - ok
13:41:11.0408 0x1370  [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch       C:\Windows\System32\drivers\AsHIDSwitch64.sys
13:41:11.0424 0x1370  HIDSwitch - ok
13:41:11.0452 0x1370  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
13:41:11.0477 0x1370  HidUsb - ok
13:41:11.0514 0x1370  [ 9918B9C21E2033DD1F1872D3D06B418D, 07C5E4236DE258920DB9F742E750C0B5D85479BD01A6DCF049ADA1F092E07B06 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
13:41:11.0532 0x1370  hitmanpro37 - ok
13:41:11.0587 0x1370  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:41:11.0619 0x1370  hkmsvc - ok
13:41:11.0686 0x1370  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:41:11.0727 0x1370  HomeGroupListener - ok
13:41:11.0805 0x1370  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:41:11.0858 0x1370  HomeGroupProvider - ok
13:41:11.0887 0x1370  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:41:11.0913 0x1370  HpSAMD - ok
13:41:12.0015 0x1370  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:41:12.0108 0x1370  HTTP - ok
13:41:12.0147 0x1370  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:41:12.0170 0x1370  hwpolicy - ok
13:41:12.0195 0x1370  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
13:41:12.0219 0x1370  hyperkbd - ok
13:41:12.0238 0x1370  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
13:41:12.0263 0x1370  HyperVideo - ok
13:41:12.0315 0x1370  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
13:41:12.0345 0x1370  i8042prt - ok
13:41:12.0355 0x1370  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
13:41:12.0373 0x1370  iaLPSSi_GPIO - ok
13:41:12.0395 0x1370  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
13:41:12.0417 0x1370  iaLPSSi_I2C - ok
13:41:12.0490 0x1370  [ D87E782C0EAF4B3A376DE82236EC0FE9, 24B8D4864F9064C41E85B318941DCB064EA825F3D06CE19C82698246FD866D27 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
13:41:12.0572 0x1370  iaStorA - ok
13:41:12.0632 0x1370  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
13:41:12.0688 0x1370  iaStorAV - ok
13:41:12.0733 0x1370  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:41:12.0784 0x1370  iaStorV - ok
13:41:12.0854 0x1370  [ F978C32D6623519A2BD939757C05ECD1, 238F4E6D4D94A68EA1A32424869FF91D77FEB20DAC5CC4CDE8A1767F0B86D8A3 ] ibtsiva         C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
13:41:12.0879 0x1370  ibtsiva - ok
13:41:12.0916 0x1370  [ F2A9BCBD6789EAFA50F724AA88F0E301, E4E0FB633B6A5EF12A0F93172484F1AB81264B49515CA4E1A555849BC5EB63F3 ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
13:41:12.0947 0x1370  ibtusb - ok
13:41:12.0957 0x1370  IEEtwCollectorService - ok
13:41:13.0075 0x1370  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
13:41:13.0166 0x1370  IKEEXT - ok
13:41:13.0459 0x1370  [ 01E1A06E738C0EBF3F31D782B345B2BD, F2B0E99CD5598865B10DAA3B23308C8D5C153EB4C58D2C42DCC31D40A5D6AACD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:41:13.0735 0x1370  IntcAzAudAddService - ok
13:41:13.0854 0x1370  [ C7BB17877A0F2BF70ABD5AF2FEDFA580, 4238FED3BBF94EE29DEC05A55D65023BAD7407F5B53E411E434D839E6E187256 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:41:13.0912 0x1370  Intel® Capability Licensing Service TCP IP Interface - detected UnsignedFile.Multi.Generic ( 1 )
13:41:13.0912 0x1370  Detect skipped due to KSN trusted
13:41:13.0913 0x1370  Intel® Capability Licensing Service TCP IP Interface - ok
13:41:13.0970 0x1370  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
13:41:13.0994 0x1370  Intel® ME Service - ok
13:41:14.0033 0x1370  [ 2159516F6832CE0ABF237DF5B018EE2E, E7022D7F985BB0460CDBD7CF68538E64BCD349CEEE021AEAD6804095BF0E9B12 ] IntelHSWPcc     C:\Windows\system32\drivers\IntelPcc.sys
13:41:14.0058 0x1370  IntelHSWPcc - ok
13:41:14.0079 0x1370  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:41:14.0102 0x1370  intelide - ok
13:41:14.0147 0x1370  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
13:41:14.0172 0x1370  intelpep - ok
13:41:14.0201 0x1370  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
13:41:14.0230 0x1370  intelppm - ok
13:41:14.0254 0x1370  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:41:14.0289 0x1370  IpFilterDriver - ok
13:41:14.0392 0x1370  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:41:14.0480 0x1370  iphlpsvc - ok
13:41:14.0503 0x1370  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
13:41:14.0531 0x1370  IPMIDRV - ok
13:41:14.0549 0x1370  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:41:14.0580 0x1370  IPNAT - ok
13:41:14.0660 0x1370  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:41:14.0713 0x1370  iPod Service - ok
13:41:14.0754 0x1370  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:41:14.0785 0x1370  IRENUM - ok
13:41:14.0796 0x1370  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:41:14.0819 0x1370  isapnp - ok
13:41:14.0860 0x1370  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
13:41:14.0901 0x1370  iScsiPrt - ok
13:41:14.0946 0x1370  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
13:41:14.0971 0x1370  jhi_service - ok
13:41:15.0015 0x1370  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
13:41:15.0041 0x1370  kbdclass - ok
13:41:15.0064 0x1370  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
13:41:15.0089 0x1370  kbdhid - ok
13:41:15.0121 0x1370  [ 6C6F4A5FC5A2343995D1B0F111D5CF06, 62282992D3B1634C7BBDD1BCFC13F77FC806AD85B2C667FA09D73355825D19A8 ] kbfiltr         C:\Windows\System32\drivers\kbfiltr.sys
13:41:15.0137 0x1370  kbfiltr - ok
13:41:15.0178 0x1370  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
13:41:15.0202 0x1370  kdnic - ok
13:41:15.0224 0x1370  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
13:41:15.0253 0x1370  KeyIso - ok
13:41:15.0303 0x1370  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:41:15.0332 0x1370  KSecDD - ok
13:41:15.0390 0x1370  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:41:15.0427 0x1370  KSecPkg - ok
13:41:15.0465 0x1370  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:41:15.0491 0x1370  ksthunk - ok
13:41:15.0529 0x1370  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:41:15.0580 0x1370  KtmRm - ok
13:41:15.0637 0x1370  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:41:15.0684 0x1370  LanmanServer - ok
13:41:15.0753 0x1370  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:41:15.0798 0x1370  LanmanWorkstation - ok
13:41:15.0874 0x1370  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
13:41:15.0930 0x1370  lfsvc - ok
13:41:15.0952 0x1370  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:41:15.0985 0x1370  lltdio - ok
13:41:16.0020 0x1370  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:41:16.0063 0x1370  lltdsvc - ok
13:41:16.0121 0x1370  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:41:16.0148 0x1370  lmhosts - ok
13:41:16.0209 0x1370  [ 3714AC47F8675E7B67DDC0D6625406FD, 7467197EDD43CAAF9557625C1A6E5AC11ADA7C02D87196E367385CBB76606359 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:41:16.0248 0x1370  LMS - ok
13:41:16.0297 0x1370  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:41:16.0327 0x1370  LSI_SAS - ok
13:41:16.0347 0x1370  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:41:16.0375 0x1370  LSI_SAS2 - ok
13:41:16.0394 0x1370  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
13:41:16.0422 0x1370  LSI_SAS3 - ok
13:41:16.0455 0x1370  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
13:41:16.0482 0x1370  LSI_SSS - ok
13:41:16.0569 0x1370  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
13:41:16.0641 0x1370  LSM - ok
13:41:16.0666 0x1370  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:41:16.0696 0x1370  luafv - ok
13:41:16.0725 0x1370  [ A8E193B92BFE2ADA766CCCE52FFD04D0, C833FF1D4652DC58D85BC685E6779A701A0AA27F33148CF979FB23DC78BE5B3B ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:41:16.0742 0x1370  MBAMProtector - ok
13:41:16.0863 0x1370  [ 6F3E4341FD7AD75A07D2CEA1811A568E, 6ED1AF9D0DED802C9800F85AD2A497D4B7282155D0C77FD14EB59F256090277C ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
13:41:16.0944 0x1370  MBAMService - ok
13:41:16.0993 0x1370  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
13:41:17.0014 0x1370  MBAMSwissArmy - ok
13:41:17.0041 0x1370  [ 0D26EA3022BB9D84B942FB70F505A76D, 805900B4375AEA5467E02CF3D7AA51858FB281CCF5A6000425FAAC534947B385 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:41:17.0059 0x1370  MBAMWebAccessControl - ok
13:41:17.0081 0x1370  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
13:41:17.0107 0x1370  megasas - ok
13:41:17.0161 0x1370  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
13:41:17.0225 0x1370  megasr - ok
13:41:17.0267 0x1370  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
13:41:17.0289 0x1370  MEIx64 - ok
13:41:17.0335 0x1370  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
13:41:17.0380 0x1370  MMCSS - ok
13:41:17.0403 0x1370  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
13:41:17.0435 0x1370  Modem - ok
13:41:17.0507 0x1370  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
13:41:17.0531 0x1370  monitor - ok
13:41:17.0576 0x1370  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
13:41:17.0601 0x1370  mouclass - ok
13:41:17.0657 0x1370  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
13:41:17.0681 0x1370  mouhid - ok
13:41:17.0733 0x1370  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:41:17.0764 0x1370  mountmgr - ok
13:41:17.0816 0x1370  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:41:17.0843 0x1370  mpsdrv - ok
13:41:17.0949 0x1370  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:41:18.0027 0x1370  MpsSvc - ok
13:41:18.0081 0x1370  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:41:18.0112 0x1370  MRxDAV - ok
13:41:18.0180 0x1370  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:41:18.0227 0x1370  mrxsmb - ok
13:41:18.0265 0x1370  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:41:18.0306 0x1370  mrxsmb10 - ok
13:41:18.0340 0x1370  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:41:18.0375 0x1370  mrxsmb20 - ok
13:41:18.0433 0x1370  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
13:41:18.0465 0x1370  MsBridge - ok
13:41:18.0517 0x1370  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
13:41:18.0552 0x1370  MSDTC - ok
13:41:18.0594 0x1370  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:41:18.0623 0x1370  Msfs - ok
13:41:18.0650 0x1370  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
13:41:18.0674 0x1370  msgpiowin32 - ok
13:41:18.0693 0x1370  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:41:18.0719 0x1370  mshidkmdf - ok
13:41:18.0727 0x1370  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
13:41:18.0753 0x1370  mshidumdf - ok
13:41:18.0773 0x1370  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:41:18.0796 0x1370  msisadrv - ok
13:41:18.0846 0x1370  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:41:18.0880 0x1370  MSiSCSI - ok
13:41:18.0888 0x1370  msiserver - ok
13:41:18.0903 0x1370  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:41:18.0929 0x1370  MSKSSRV - ok
13:41:18.0982 0x1370  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
13:41:19.0009 0x1370  MsLldp - ok
13:41:19.0018 0x1370  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:41:19.0043 0x1370  MSPCLOCK - ok
13:41:19.0054 0x1370  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:41:19.0079 0x1370  MSPQM - ok
13:41:19.0139 0x1370  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:41:19.0188 0x1370  MsRPC - ok
13:41:19.0212 0x1370  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
13:41:19.0237 0x1370  mssmbios - ok
13:41:19.0261 0x1370  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:41:19.0286 0x1370  MSTEE - ok
13:41:19.0301 0x1370  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
13:41:19.0327 0x1370  MTConfig - ok
13:41:19.0345 0x1370  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
13:41:19.0372 0x1370  Mup - ok
13:41:19.0397 0x1370  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
13:41:19.0424 0x1370  mvumis - ok
13:41:19.0469 0x1370  [ CD8DD76B58803B36FDC7C6B5D68300DD, 7F8672E22BFC2993A50D85F7749C1007FA7C4010FB51CA44F47B2A3028FEC0B7 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
13:41:19.0500 0x1370  MyWiFiDHCPDNS - ok
13:41:19.0610 0x1370  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
13:41:19.0665 0x1370  napagent - ok
13:41:19.0739 0x1370  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:41:19.0789 0x1370  NativeWifiP - ok
13:41:19.0844 0x1370  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
13:41:19.0880 0x1370  NcaSvc - ok
13:41:19.0926 0x1370  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
13:41:19.0961 0x1370  NcbService - ok
13:41:20.0012 0x1370  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
13:41:20.0044 0x1370  NcdAutoSetup - ok
13:41:20.0159 0x1370  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:41:20.0268 0x1370  NDIS - ok
13:41:20.0335 0x1370  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:41:20.0363 0x1370  NdisCap - ok
13:41:20.0436 0x1370  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
13:41:20.0469 0x1370  NdisImPlatform - ok
13:41:20.0511 0x1370  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:41:20.0536 0x1370  NdisTapi - ok
13:41:20.0572 0x1370  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:41:20.0599 0x1370  Ndisuio - ok
13:41:20.0623 0x1370  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
13:41:20.0654 0x1370  NdisVirtualBus - ok
13:41:20.0692 0x1370  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:41:20.0739 0x1370  NdisWan - ok
13:41:20.0757 0x1370  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
13:41:20.0801 0x1370  NdisWanLegacy - ok
13:41:20.0849 0x1370  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:41:20.0893 0x1370  NDProxy - ok
13:41:20.0947 0x1370  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
13:41:20.0977 0x1370  Ndu - ok
13:41:21.0028 0x1370  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:41:21.0056 0x1370  NetBIOS - ok
13:41:21.0097 0x1370  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:41:21.0156 0x1370  NetBT - ok
13:41:21.0183 0x1370  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
13:41:21.0210 0x1370  Netlogon - ok
13:41:21.0270 0x1370  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
13:41:21.0312 0x1370  Netman - ok
13:41:21.0392 0x1370  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
13:41:21.0453 0x1370  netprofm - ok
13:41:21.0523 0x1370  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:41:21.0556 0x1370  NetTcpPortSharing - ok
13:41:21.0606 0x1370  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
13:41:21.0634 0x1370  netvsc - ok
13:41:21.0865 0x1370  [ 3730BCCB23A3A63B3731721039F374BA, 7DB9F002E23F56380B357124755C8137A2BD5D1E71CF71D7BF68DD30765AAEA5 ] NETwNb64        C:\Windows\system32\DRIVERS\Netwbw02.sys
13:41:22.0132 0x1370  NETwNb64 - ok
13:41:22.0853 0x1370  [ 272BB8C52BE106B5CC69171AF1D281D4, 3D65A772C15440DF5895843185241D890CCDECA0E02DD6CF32CCB9B5849E31A4 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
13:41:23.0568 0x1370  NETwNs64 - ok
13:41:23.0680 0x1370  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:41:23.0728 0x1370  NlaSvc - ok
13:41:23.0759 0x1370  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:41:23.0790 0x1370  Npfs - ok
13:41:23.0810 0x1370  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
13:41:23.0835 0x1370  npsvctrig - ok
13:41:23.0891 0x1370  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
13:41:23.0929 0x1370  nsi - ok
13:41:23.0992 0x1370  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:41:24.0019 0x1370  nsiproxy - ok
13:41:24.0185 0x1370  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:41:24.0353 0x1370  Ntfs - ok
13:41:24.0388 0x1370  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
13:41:24.0415 0x1370  Null - ok
13:41:24.0464 0x1370  [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
13:41:24.0492 0x1370  NVHDA - ok
13:41:25.0279 0x1370  [ 021D68672EE26594CFCEDF96C1A7430F, EFBEA1FE31DA6926F2D5D1C7292925B5F20FAA59D0330BFB4A38DBB79BA1D148 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:41:26.0078 0x1370  nvlddmkm - ok
13:41:26.0273 0x1370  [ 064DDEC72C818AB8881B607A3836E265, 11A2821B874A7B990C81651F54600F9E1064C67AB94CEC7B36DCCC6EE971DEA0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
13:41:26.0390 0x1370  NvNetworkService - ok
13:41:26.0420 0x1370  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:41:26.0453 0x1370  nvraid - ok
13:41:26.0497 0x1370  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:41:26.0531 0x1370  nvstor - ok
13:41:26.0562 0x1370  [ 9971592B39A038341E8AAE28EA14B95B, 08FCE3B00913DD0F36286A3DFB0C79933B20A5279FD351B99E31F895CBDBA636 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
13:41:26.0577 0x1370  NvStreamKms - ok
13:41:27.0740 0x1370  [ 4E4FBA5CE1395937206B85098DEB6321, E0C3D1D667CB2C4EBAEA779767466065F21A1D6EBFD69115FE7A2EEC1C133E64 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
13:41:28.0959 0x1370  NvStreamSvc - ok
13:41:29.0097 0x1370  [ BEA9092AE94019C622F0626578B4736D, 832895CAC4E729E4944E519BDBA80B4129B1DA3CC0CBC8E02503E9EA51C1666E ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:41:29.0170 0x1370  nvsvc - ok
13:41:29.0209 0x1370  [ 4C24C3BF05653D998662C338A8AC82A3, D5E866D5756488658FBE938FBB4B9D54C92159A3DDF6920AD04157B942920358 ] NVVADARM        C:\Windows\system32\drivers\nvvadarm.sys
13:41:29.0226 0x1370  NVVADARM - ok
13:41:29.0237 0x1370  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
13:41:29.0261 0x1370  nvvad_WaveExtensible - ok
13:41:29.0304 0x1370  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:41:29.0335 0x1370  nv_agp - ok
13:41:29.0512 0x1370  [ 29B093BA6759118DB14AF41026385E03, 660176D122344A79E52FFD9FE3D32D1967D9B22BC4AD76549D839B09693D0713 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
13:41:29.0652 0x1370  Origin Client Service - ok
13:41:29.0726 0x1370  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:41:29.0776 0x1370  p2pimsvc - ok
13:41:29.0846 0x1370  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
13:41:29.0898 0x1370  p2psvc - ok
13:41:29.0930 0x1370  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
13:41:29.0961 0x1370  Parport - ok
13:41:30.0009 0x1370  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:41:30.0041 0x1370  partmgr - ok
13:41:30.0124 0x1370  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:41:30.0183 0x1370  PcaSvc - ok
13:41:30.0246 0x1370  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
13:41:30.0288 0x1370  pci - ok
13:41:30.0310 0x1370  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:41:30.0333 0x1370  pciide - ok
13:41:30.0360 0x1370  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:41:30.0390 0x1370  pcmcia - ok
13:41:30.0407 0x1370  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:41:30.0432 0x1370  pcw - ok
13:41:30.0488 0x1370  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
13:41:30.0515 0x1370  pdc - ok
13:41:30.0586 0x1370  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:41:30.0649 0x1370  PEAUTH - ok
13:41:30.0732 0x1370  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:41:30.0761 0x1370  PerfHost - ok
13:41:30.0903 0x1370  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
13:41:31.0024 0x1370  pla - ok
13:41:31.0080 0x1370  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:41:31.0114 0x1370  PlugPlay - ok
13:41:31.0178 0x1370  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:41:31.0209 0x1370  PNRPAutoReg - ok
13:41:31.0291 0x1370  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:41:31.0344 0x1370  PNRPsvc - ok
13:41:31.0450 0x1370  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:41:31.0501 0x1370  PolicyAgent - ok
13:41:31.0574 0x1370  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
13:41:31.0604 0x1370  Power - ok
13:41:32.0159 0x1370  [ C0B3AD50136FE57C2548BD75CAC49DA2, B5661CE7631C5D1B1C50F36EE66AF6DF2E9E69DA1D9BA7C852E74D206F72D8DB ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
13:41:32.0384 0x1370  PrintNotify - ok
13:41:32.0452 0x1370  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
13:41:32.0480 0x1370  Processor - ok
13:41:32.0546 0x1370  [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc         C:\Windows\system32\profsvc.dll
13:41:32.0584 0x1370  ProfSvc - ok
13:41:32.0681 0x1370  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:41:32.0714 0x1370  Psched - ok
13:41:32.0774 0x1370  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
13:41:32.0817 0x1370  QWAVE - ok
13:41:32.0859 0x1370  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:41:32.0885 0x1370  QWAVEdrv - ok
13:41:32.0926 0x1370  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:41:32.0951 0x1370  RasAcd - ok
13:41:33.0017 0x1370  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
13:41:33.0050 0x1370  RasAuto - ok
13:41:33.0124 0x1370  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
13:41:33.0182 0x1370  RasMan - ok
13:41:33.0214 0x1370  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:41:33.0249 0x1370  RasPppoe - ok
13:41:33.0298 0x1370  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:41:33.0351 0x1370  rdbss - ok
13:41:33.0378 0x1370  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
13:41:33.0401 0x1370  rdpbus - ok
13:41:33.0432 0x1370  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:41:33.0467 0x1370  RDPDR - ok
13:41:33.0522 0x1370  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:41:33.0547 0x1370  RdpVideoMiniport - ok
13:41:33.0588 0x1370  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:41:33.0628 0x1370  rdyboost - ok
13:41:33.0732 0x1370  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
13:41:33.0820 0x1370  ReFS - ok
13:41:33.0924 0x1370  [ 23D6449B8D2E2A0CA02A09453853F5B0, 227A151C61D94040F3635E6FBC6238CA3378973EC830755674A306DEE7EC2289 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:41:33.0948 0x1370  RegSrvc - ok
13:41:34.0012 0x1370  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:41:34.0051 0x1370  RemoteAccess - ok
13:41:34.0122 0x1370  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:41:34.0158 0x1370  RemoteRegistry - ok
13:41:34.0225 0x1370  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
13:41:34.0258 0x1370  RFCOMM - ok
13:41:34.0304 0x1370  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:41:34.0335 0x1370  RpcEptMapper - ok
13:41:34.0376 0x1370  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
13:41:34.0401 0x1370  RpcLocator - ok
13:41:34.0506 0x1370  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
13:41:34.0582 0x1370  RpcSs - ok
13:41:34.0619 0x1370  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:41:34.0658 0x1370  rspndr - ok
13:41:34.0734 0x1370  [ 3AB1AA5155684F40E2F5215A258D2471, 3D6A5F603FA6809651A006EA31F57920A45642B6B9E8EC80E5399D1301F635E4 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
13:41:34.0801 0x1370  RTL8168 - ok
13:41:34.0819 0x1370  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
13:41:34.0842 0x1370  s3cap - ok
13:41:34.0895 0x1370  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
13:41:34.0922 0x1370  SamSs - ok
13:41:34.0959 0x1370  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:41:34.0988 0x1370  sbp2port - ok
13:41:35.0046 0x1370  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:41:35.0086 0x1370  SCardSvr - ok
13:41:35.0140 0x1370  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
13:41:35.0177 0x1370  ScDeviceEnum - ok
13:41:35.0222 0x1370  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:41:35.0249 0x1370  scfilter - ok
13:41:35.0375 0x1370  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
13:41:35.0478 0x1370  Schedule - ok
13:41:35.0550 0x1370  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:41:35.0584 0x1370  SCPolicySvc - ok
13:41:35.0642 0x1370  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
13:41:35.0682 0x1370  sdbus - ok
13:41:35.0712 0x1370  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
13:41:35.0739 0x1370  sdstor - ok
13:41:35.0777 0x1370  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:41:35.0802 0x1370  secdrv - ok
13:41:35.0852 0x1370  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
13:41:35.0881 0x1370  seclogon - ok
13:41:35.0934 0x1370  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
13:41:35.0967 0x1370  SENS - ok
13:41:36.0028 0x1370  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:41:36.0068 0x1370  SensrSvc - ok
13:41:36.0096 0x1370  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
13:41:36.0123 0x1370  SerCx - ok
13:41:36.0157 0x1370  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
13:41:36.0190 0x1370  SerCx2 - ok
13:41:36.0212 0x1370  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
13:41:36.0238 0x1370  Serenum - ok
13:41:36.0269 0x1370  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
13:41:36.0297 0x1370  Serial - ok
13:41:36.0347 0x1370  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
13:41:36.0371 0x1370  sermouse - ok
13:41:36.0448 0x1370  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
13:41:36.0500 0x1370  SessionEnv - ok
13:41:36.0511 0x1370  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
13:41:36.0537 0x1370  sfloppy - ok
13:41:36.0616 0x1370  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:41:36.0668 0x1370  SharedAccess - ok
13:41:36.0721 0x1370  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:41:36.0801 0x1370  ShellHWDetection - ok
13:41:36.0839 0x1370  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:41:36.0865 0x1370  SiSRaid2 - ok
13:41:36.0892 0x1370  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:41:36.0920 0x1370  SiSRaid4 - ok
13:41:37.0030 0x1370  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:41:37.0073 0x1370  SkypeUpdate - ok
13:41:37.0114 0x1370  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
13:41:37.0141 0x1370  smphost - ok
13:41:37.0201 0x1370  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:41:37.0228 0x1370  SNMPTRAP - ok
13:41:37.0311 0x1370  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
13:41:37.0363 0x1370  spaceport - ok
13:41:37.0393 0x1370  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
13:41:37.0420 0x1370  SpbCx - ok
13:41:37.0519 0x1370  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
13:41:37.0613 0x1370  Spooler - ok
13:41:38.0017 0x1370  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
13:41:38.0520 0x1370  sppsvc - ok
13:41:38.0608 0x1370  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:41:38.0657 0x1370  srv - ok
13:41:38.0747 0x1370  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:41:38.0811 0x1370  srv2 - ok
13:41:38.0847 0x1370  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:41:38.0884 0x1370  srvnet - ok
13:41:38.0939 0x1370  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:41:38.0981 0x1370  SSDPSRV - ok
13:41:39.0042 0x1370  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:41:39.0076 0x1370  SstpSvc - ok
13:41:39.0181 0x1370  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:41:39.0245 0x1370  Steam Client Service - ok
13:41:39.0384 0x1370  [ 9B7FCC5C7642562BCC2249AD2B100C13, C2C6D48D19EB42A14A31E1F9F83D5EB3DBE7B0C83F4E050E6512BC4C9E78A743 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:41:39.0422 0x1370  Stereo Service - ok
13:41:39.0466 0x1370  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:41:39.0490 0x1370  stexstor - ok
13:41:39.0582 0x1370  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
13:41:39.0650 0x1370  stisvc - ok
13:41:39.0692 0x1370  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
13:41:39.0721 0x1370  storahci - ok
13:41:39.0820 0x1370  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:41:39.0846 0x1370  storflt - ok
13:41:40.0171 0x1370  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
13:41:40.0198 0x1370  stornvme - ok
13:41:40.0249 0x1370  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
13:41:40.0275 0x1370  StorSvc - ok
13:41:40.0301 0x1370  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:41:40.0325 0x1370  storvsc - ok
13:41:40.0373 0x1370  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
13:41:40.0399 0x1370  svsvc - ok
13:41:40.0449 0x1370  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
13:41:40.0472 0x1370  swenum - ok
13:41:40.0558 0x1370  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
13:41:40.0630 0x1370  swprv - ok
13:41:40.0807 0x1370  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
13:41:40.0907 0x1370  SysMain - ok
13:41:40.0965 0x1370  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
13:41:41.0008 0x1370  SystemEventsBroker - ok
13:41:41.0059 0x1370  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:41:41.0093 0x1370  TabletInputService - ok
13:41:41.0160 0x1370  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:41:41.0214 0x1370  TapiSrv - ok
13:41:41.0407 0x1370  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:41:41.0607 0x1370  Tcpip - ok
13:41:41.0753 0x1370  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:41:41.0952 0x1370  TCPIP6 - ok
13:41:42.0063 0x1370  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:41:42.0088 0x1370  tcpipreg - ok
13:41:42.0148 0x1370  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:41:42.0178 0x1370  tdx - ok
13:41:42.0275 0x1370  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
13:41:42.0300 0x1370  terminpt - ok
13:41:42.0412 0x1370  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
13:41:42.0506 0x1370  TermService - ok
13:41:42.0557 0x1370  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
13:41:42.0587 0x1370  Themes - ok
13:41:42.0642 0x1370  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:41:42.0671 0x1370  THREADORDER - ok
13:41:42.0805 0x1370  [ A586B62FA61CB4C7DCE6C72E19B0902C, 7038FD727DB0FFE027A4FD91DCD326E98F7F1C4E0FF4D61DE58B84B00A402CB1 ] ThunderboltService C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe
13:41:42.0891 0x1370  ThunderboltService - ok
13:41:42.0956 0x1370  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
13:41:42.0997 0x1370  TimeBroker - ok
13:41:43.0054 0x1370  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
13:41:43.0088 0x1370  TPM - ok
13:41:43.0139 0x1370  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
13:41:43.0172 0x1370  TrkWks - ok
13:41:43.0228 0x1370  [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
13:41:43.0253 0x1370  TrueSight - ok
13:41:43.0337 0x1370  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:41:43.0369 0x1370  TrustedInstaller - ok
13:41:43.0406 0x1370  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:41:43.0432 0x1370  TsUsbFlt - ok
13:41:43.0492 0x1370  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
13:41:43.0516 0x1370  TsUsbGD - ok
13:41:43.0569 0x1370  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:41:43.0607 0x1370  tunnel - ok
13:41:43.0634 0x1370  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:41:43.0660 0x1370  uagp35 - ok
13:41:43.0696 0x1370  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
13:41:43.0723 0x1370  UASPStor - ok
13:41:43.0792 0x1370  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
13:41:43.0828 0x1370  UCX01000 - ok
13:41:43.0887 0x1370  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:41:43.0928 0x1370  udfs - ok
13:41:43.0991 0x1370  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
13:41:44.0015 0x1370  UEFI - ok
13:41:44.0117 0x1370  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:41:44.0145 0x1370  UI0Detect - ok
13:41:44.0171 0x1370  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:41:44.0198 0x1370  uliagpkx - ok
13:41:44.0243 0x1370  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
13:41:44.0270 0x1370  umbus - ok
13:41:44.0370 0x1370  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
13:41:44.0396 0x1370  UmPass - ok
13:41:44.0457 0x1370  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:41:44.0501 0x1370  UmRdpService - ok
13:41:44.0567 0x1370  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
13:41:44.0621 0x1370  upnphost - ok
13:41:44.0678 0x1370  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
13:41:44.0704 0x1370  USBAAPL64 - ok
13:41:44.0786 0x1370  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
13:41:44.0818 0x1370  usbccgp - ok
13:41:44.0873 0x1370  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
13:41:44.0901 0x1370  usbcir - ok
13:41:44.0962 0x1370  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
13:41:44.0990 0x1370  usbehci - ok
13:41:45.0031 0x1370  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
13:41:45.0084 0x1370  usbhub - ok
13:41:45.0164 0x1370  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
13:41:45.0220 0x1370  USBHUB3 - ok
13:41:45.0250 0x1370  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
13:41:45.0275 0x1370  usbohci - ok
13:41:45.0302 0x1370  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
13:41:45.0328 0x1370  usbprint - ok
13:41:45.0384 0x1370  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
13:41:45.0417 0x1370  USBSTOR - ok
13:41:45.0448 0x1370  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
13:41:45.0473 0x1370  usbuhci - ok
13:41:45.0539 0x1370  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:41:45.0574 0x1370  usbvideo - ok
13:41:45.0654 0x1370  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
13:41:45.0700 0x1370  USBXHCI - ok
13:41:45.0722 0x1370  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
13:41:45.0750 0x1370  VaultSvc - ok
13:41:45.0782 0x1370  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:41:45.0806 0x1370  vdrvroot - ok
13:41:45.0926 0x1370  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
13:41:46.0035 0x1370  vds - ok
13:41:46.0066 0x1370  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
13:41:46.0100 0x1370  VerifierExt - ok
13:41:46.0188 0x1370  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
13:41:46.0251 0x1370  vhdmp - ok
13:41:46.0291 0x1370  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:41:46.0314 0x1370  viaide - ok
13:41:46.0365 0x1370  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:41:46.0392 0x1370  vmbus - ok
13:41:46.0419 0x1370  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
13:41:46.0443 0x1370  VMBusHID - ok
13:41:46.0510 0x1370  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
13:41:46.0567 0x1370  vmicguestinterface - ok
13:41:46.0601 0x1370  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
13:41:46.0657 0x1370  vmicheartbeat - ok
13:41:46.0692 0x1370  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
13:41:46.0747 0x1370  vmickvpexchange - ok
13:41:46.0782 0x1370  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
13:41:46.0838 0x1370  vmicrdv - ok
13:41:46.0877 0x1370  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
13:41:46.0933 0x1370  vmicshutdown - ok
13:41:46.0967 0x1370  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
13:41:47.0023 0x1370  vmictimesync - ok
13:41:47.0058 0x1370  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
13:41:47.0114 0x1370  vmicvss - ok
13:41:47.0137 0x1370  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:41:47.0165 0x1370  volmgr - ok
13:41:47.0209 0x1370  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:41:47.0259 0x1370  volmgrx - ok
13:41:47.0294 0x1370  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:41:47.0338 0x1370  volsnap - ok
13:41:47.0365 0x1370  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
13:41:47.0392 0x1370  vpci - ok
13:41:47.0421 0x1370  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:41:47.0455 0x1370  vsmraid - ok
13:41:47.0579 0x1370  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\Windows\system32\vssvc.exe
13:41:47.0695 0x1370  VSS - ok
13:41:47.0742 0x1370  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
13:41:47.0786 0x1370  VSTXRAID - ok
13:41:47.0806 0x1370  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:41:47.0830 0x1370  vwifibus - ok
13:41:47.0849 0x1370  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:41:47.0876 0x1370  vwififlt - ok
13:41:47.0899 0x1370  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:41:47.0923 0x1370  vwifimp - ok
13:41:47.0996 0x1370  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
13:41:48.0059 0x1370  W32Time - ok
13:41:48.0085 0x1370  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
13:41:48.0110 0x1370  WacomPen - ok
13:41:48.0236 0x1370  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
13:41:48.0356 0x1370  wbengine - ok
13:41:48.0436 0x1370  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:41:48.0490 0x1370  WbioSrvc - ok
13:41:48.0529 0x1370  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
13:41:48.0579 0x1370  Wcmsvc - ok
13:41:48.0654 0x1370  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:41:48.0708 0x1370  wcncsvc - ok
13:41:48.0751 0x1370  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:41:48.0779 0x1370  WcsPlugInService - ok
13:41:48.0830 0x1370  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
13:41:48.0857 0x1370  WdBoot - ok
13:41:48.0931 0x1370  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:41:49.0004 0x1370  Wdf01000 - ok
13:41:49.0044 0x1370  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
13:41:49.0090 0x1370  WdFilter - ok
13:41:49.0150 0x1370  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:41:49.0186 0x1370  WdiServiceHost - ok
13:41:49.0198 0x1370  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:41:49.0234 0x1370  WdiSystemHost - ok
13:41:49.0286 0x1370  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
13:41:49.0316 0x1370  WdNisDrv - ok
13:41:49.0343 0x1370  WdNisSvc - ok
13:41:49.0404 0x1370  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
13:41:49.0443 0x1370  WebClient - ok
13:41:49.0510 0x1370  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:41:49.0551 0x1370  Wecsvc - ok
13:41:49.0601 0x1370  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
13:41:49.0630 0x1370  WEPHOSTSVC - ok
13:41:49.0682 0x1370  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:41:49.0731 0x1370  wercplsupport - ok
13:41:49.0768 0x1370  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
13:41:49.0805 0x1370  WerSvc - ok
13:41:49.0841 0x1370  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
13:41:49.0873 0x1370  WFPLWFS - ok
13:41:49.0904 0x1370  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
13:41:49.0933 0x1370  WiaRpc - ok
13:41:49.0949 0x1370  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:41:49.0973 0x1370  WIMMount - ok
13:41:49.0979 0x1370  WinDefend - ok
13:41:50.0086 0x1370  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
13:41:50.0161 0x1370  WinHttpAutoProxySvc - ok
13:41:50.0331 0x1370  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:41:50.0370 0x1370  Winmgmt - ok
13:41:50.0570 0x1370  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:41:50.0762 0x1370  WinRM - ok
13:41:50.0809 0x1370  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\System32\drivers\WinUSB.sys
13:41:50.0838 0x1370  WinUsb - ok
13:41:50.0945 0x1370  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
13:41:51.0063 0x1370  WlanSvc - ok
13:41:51.0209 0x1370  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
13:41:51.0335 0x1370  wlidsvc - ok
13:41:51.0369 0x1370  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
13:41:51.0393 0x1370  WmiAcpi - ok
13:41:51.0468 0x1370  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:41:51.0503 0x1370  wmiApSrv - ok
13:41:51.0529 0x1370  WMPNetworkSvc - ok
13:41:51.0563 0x1370  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
13:41:51.0596 0x1370  Wof - ok
13:41:51.0750 0x1370  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
13:41:51.0878 0x1370  workfolderssvc - ok
13:41:51.0926 0x1370  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
13:41:51.0952 0x1370  wpcfltr - ok
13:41:51.0997 0x1370  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:41:52.0024 0x1370  WPCSvc - ok
13:41:52.0080 0x1370  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:41:52.0111 0x1370  WPDBusEnum - ok
13:41:52.0126 0x1370  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
13:41:52.0151 0x1370  WpdUpFltr - ok
13:41:52.0193 0x1370  [ A7BE5632F68A8A9CC16FF8310687FAD8, 193CB636FC57E31CCCCBBE2B03FBC852496CEB2E751ADAE325136FDD661FE4A1 ] WRkrn           C:\Windows\system32\drivers\WRkrn.sys
13:41:52.0218 0x1370  WRkrn - ok
13:41:52.0294 0x1370  [ 9C92F1DE6A6E61804AF13B512342F72E, 63E7286478D4DC13B0CE1DFF5592E0D405EAEF9FF1273EE678BBA37FEB7A0E97 ] WRSVC           C:\Program Files\Webroot\WRSA.exe
13:41:52.0362 0x1370  WRSVC - ok
13:41:52.0418 0x1370  [ D28DB7F5E40D885CE398C2E66B99C78D, 451636B20B5B58D417ED2D790D68505925B3048C33E42B3215BFC5DC124B57AE ] wrUrlFlt        C:\Windows\system32\DRIVERS\wrUrlFlt.sys
13:41:52.0435 0x1370  wrUrlFlt - ok
13:41:52.0459 0x1370  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:41:52.0490 0x1370  ws2ifsl - ok
13:41:52.0551 0x1370  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
13:41:52.0585 0x1370  wscsvc - ok
13:41:52.0594 0x1370  WSearch - ok
13:41:52.0844 0x1370  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
13:41:53.0132 0x1370  WSService - ok
13:41:53.0421 0x1370  [ BB6F53F80AA1789815963C16E303A973, B140D5A4633C39E84A5C7DB86C7E869FB5D993B924998BF8CC2B8F07E382CCEA ] wuauserv        C:\Windows\system32\wuaueng.dll
13:41:53.0668 0x1370  wuauserv - ok
13:41:53.0734 0x1370  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:41:53.0765 0x1370  WudfPf - ok
13:41:53.0799 0x1370  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
13:41:53.0835 0x1370  WUDFRd - ok
13:41:53.0855 0x1370  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\Windows\System32\drivers\WUDFRd.sys
13:41:53.0890 0x1370  WUDFSensorLP - ok
13:41:53.0944 0x1370  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:41:53.0977 0x1370  wudfsvc - ok
13:41:53.0997 0x1370  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
13:41:54.0033 0x1370  WUDFWpdMtp - ok
13:41:54.0115 0x1370  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:41:54.0173 0x1370  WwanSvc - ok
13:41:54.0180 0x1370  xhunter1 - ok
13:41:54.0450 0x1370  [ 75044F6FC44045047B15415B89E4D1B4, 43461141A326B99C218C3712725767C08825963EA9D430CBA03D4978E15EF23E ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
13:41:54.0692 0x1370  ZeroConfigService - ok
13:41:54.0723 0x1370  ================ Scan global ===============================
13:41:54.0777 0x1370  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
13:41:54.0833 0x1370  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
13:41:54.0888 0x1370  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
13:41:54.0952 0x1370  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
13:41:54.0976 0x1370  [ Global ] - ok
13:41:54.0977 0x1370  ================ Scan MBR ==================================
13:41:54.0995 0x1370  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:41:55.0089 0x1370  \Device\Harddisk0\DR0 - ok
13:41:55.0090 0x1370  ================ Scan VBR ==================================
13:41:55.0095 0x1370  [ 14FBCDF808AD77ACFB9679739B937A76 ] \Device\Harddisk0\DR0\Partition1
13:41:55.0131 0x1370  \Device\Harddisk0\DR0\Partition1 - ok
13:41:55.0153 0x1370  [ 73A596BF8B3B0C4789CB9EF07BCC05F0 ] \Device\Harddisk0\DR0\Partition2
13:41:55.0217 0x1370  \Device\Harddisk0\DR0\Partition2 - ok
13:41:55.0229 0x1370  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
13:41:55.0230 0x1370  \Device\Harddisk0\DR0\Partition3 - ok
13:41:55.0239 0x1370  [ D42978EF689F12DAE5BF27589FD3A0F2 ] \Device\Harddisk0\DR0\Partition4
13:41:55.0308 0x1370  \Device\Harddisk0\DR0\Partition4 - ok
13:41:55.0334 0x1370  [ C0CBC4492B109D63ED2D07FCD10FBD4A ] \Device\Harddisk0\DR0\Partition5
13:41:55.0352 0x1370  \Device\Harddisk0\DR0\Partition5 - ok
13:41:55.0354 0x1370  ================ Scan generic autorun ======================
13:41:55.0537 0x1370  [ E515A22A8DB5350A94248FBCF09F089D, 8C6859D81DAE4F01EDA958A26BDFE351D7ACEF7755B9AA831552DC64069F2E22 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:41:55.0702 0x1370  NvBackend - ok
13:41:55.0760 0x1370  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
13:41:55.0806 0x1370  ShadowPlay - ok
13:41:55.0807 0x1370  ETDCtrl - ok
13:41:55.0820 0x1370  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
13:41:55.0854 0x1370  Logitech Download Assistant - ok
13:41:55.0914 0x1370  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
13:41:55.0936 0x1370  iTunesHelper - ok
13:41:56.0011 0x1370  [ EC160CC63955C4C4845C056962F9987F, 99AC2E788982742B9539C519F2E779C78C34CDF8CACBB4D34FF20F3E47981F5D ] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
13:41:56.0028 0x1370  WebStorage - ok
13:41:56.0098 0x1370  [ 724B6062BE3453798619A1E6037FEE3B, F689F42B3C622202FCD6535911EA970951C64D995A8D402A189770F347518349 ] C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
13:41:56.0132 0x1370  ROGNB - detected UnsignedFile.Multi.Generic ( 1 )
13:41:56.0133 0x1370  ROGNB ( UnsignedFile.Multi.Generic ) - warning
13:41:58.0819 0x1370  [ 67A288BF454228D0F00E965C28D79174, C7959A12A5BAB2456B3D639E258A45EA2B0A9AEF52DE6D18D2C2BFA354F1D253 ] C:\Program Files (x86)\ASUS\ASUS ROG MacroKey\Hid.exe
13:41:58.0949 0x1370  ASUS ROG MacroKey - detected UnsignedFile.Multi.Generic ( 1 )
13:41:58.0949 0x1370  Detect skipped due to KSN trusted
13:41:58.0949 0x1370  ASUS ROG MacroKey - ok
13:41:58.0997 0x1370  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
13:41:59.0024 0x1370  amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
13:41:59.0024 0x1370  Detect skipped due to KSN trusted
13:41:59.0024 0x1370  amd_dc_opt - ok
13:41:59.0094 0x1370  [ 9C92F1DE6A6E61804AF13B512342F72E, 63E7286478D4DC13B0CE1DFF5592E0D405EAEF9FF1273EE678BBA37FEB7A0E97 ] C:\Program Files\Webroot\WRSA.exe
13:41:59.0161 0x1370  WRSVC - ok
13:41:59.0237 0x1370  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:41:59.0286 0x1370  SunJavaUpdateSched - ok
13:41:59.0513 0x1370  [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\steam.exe
13:41:59.0694 0x1370  Steam - ok
13:41:59.0969 0x1370  [ F2B4338E54D09E15E28E170B3EB2B430, 6B7008C4D58806D8D67F0E860138A1660BAC3000CE239C34480E40379F792B6F ] C:\Program Files (x86)\Origin\Origin.exe
13:42:00.0195 0x1370  EADM - ok
13:42:00.0778 0x1370  [ FCDACA1AF0B509E66743B77219D945FD, 9824753462013A7F1854E7CB33A377EE294CDEF2AE69CF07FB8DAC9BB8EF42BA ] C:\Users\Eva1\AppData\Roaming\Spotify\Spotify.exe
13:42:01.0225 0x1370  Spotify - ok
13:42:01.0378 0x1370  [ 737D03644DF148E71E39D371B8E425CE, 8C0FCA191959DD8F0B96EC5EF3441759881F3AE087B3525B20701B5AE122C3A9 ] C:\Program Files (x86)\Clownfish\Clownfish.exe
13:42:01.0474 0x1370  Clownfish - ok
13:42:01.0633 0x1370  [ EB3FC00CB2703FDA6081B4ED33C943F0, 256D8083ED18F80C9871FC1B4E146E33692989F673F5FE45A9C648BB66218991 ] C:\Users\Eva1\AppData\Roaming\Spotify\SpotifyWebHelper.exe
13:42:01.0770 0x1370  Spotify Web Helper - ok
13:42:01.0787 0x1370  AV detected via SS2: Webroot SecureAnywhere, C:\Program Files\Webroot\WRSA.exe ( 9.0.2.21 ), 0x41000 ( enabled : updated )
13:42:01.0788 0x1370  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
13:42:01.0792 0x1370  Win FW state via NFP2: enabled ( trusted )
13:42:04.0317 0x1370  ============================================================
13:42:04.0317 0x1370  Scan finished
13:42:04.0317 0x1370  ============================================================
13:42:04.0337 0x220c  Detected object count: 2
13:42:04.0337 0x220c  Actual detected object count: 2
13:50:52.0103 0x220c  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:50:52.0103 0x220c  Asus WebStorage Windows Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:50:52.0104 0x220c  ROGNB ( UnsignedFile.Multi.Generic ) - skipped by user
13:50:52.0104 0x220c  ROGNB ( UnsignedFile.Multi.Generic ) - User select action: Skip 


#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 PM

Posted 02 September 2015 - 02:19 PM

Step 1

rzqZvBe.pngMiniToolBox

  • Please download MiniToolBox and save the file to your Desktop.
  • Close any open windows.
  • Right-Click MiniToolBox.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Check the following items:
    • njvAG80.png
    • 6N6QY9z.png
    • zmWTIXg.png
    • VAFn5gg.png
    • AtULTyM.png
    • 4roTXa5.png
    • kLju9nY.png
    • chxHkm0.png
    • fd89mAB.png
    • vz7b54X.png
  • Click 9Z8u2SR.png.
  • A log (Result.txt) will be created on your Desktop. Copy the contents of the log and paste in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#15 toggleon

toggleon
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:06:20 AM

Posted 02 September 2015 - 02:31 PM

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Eva1 (administrator) on 02-09-2015 at 14:30:37
Running from "C:\Users\Eva1\Downloads"
Microsoft Windows 8.1  (X64)
Model: G751JL Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® Dual Band Wireless-AC 7265 = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Eva
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : attlocal.net
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 60-57-18-3B-3D-74
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : attlocal.net
   Description . . . . . . . . . . . : Intel® Dual Band Wireless-AC 7265
   Physical Address. . . . . . . . . : 60-57-18-3B-3D-73
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:304:cfa5:1af0::45(Preferred) 
   Lease Obtained. . . . . . . . . . : Tuesday, September 1, 2015 8:59:46 PM
   Lease Expires . . . . . . . . . . : Thursday, October 1, 2015 3:36:57 PM
   IPv6 Address. . . . . . . . . . . : 2602:304:cfa5:1af0:9115:62eb:dcf1:8d84(Preferred) 
   Temporary IPv6 Address. . . . . . : 2602:304:cfa5:1af0:7475:ae5e:e5ec:b857(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::9115:62eb:dcf1:8d84%7(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.158(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, September 1, 2015 8:59:43 PM
   Lease Expires . . . . . . . . . . : Thursday, September 3, 2015 12:49:11 PM
   Default Gateway . . . . . . . . . : fe80::1205:b1ff:fe0e:56f0%7
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 140531480
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-62-3D-E8-08-62-66-54-DB-11
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 60-57-18-3B-3D-77
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 08-62-66-54-DB-11
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  dsldevice.attlocal.net
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4000:808::1001
 74.125.227.231
 74.125.227.224
 74.125.227.238
 74.125.227.225
 74.125.227.227
 74.125.227.228
 74.125.227.229
 74.125.227.233
 74.125.227.230
 74.125.227.226
 74.125.227.232
 
 
Pinging google.com [2607:f8b0:4000:807::1003] with 32 bytes of data:
Reply from 2607:f8b0:4000:807::1003: time=196ms 
Reply from 2607:f8b0:4000:807::1003: time=30ms 
 
Ping statistics for 2607:f8b0:4000:807::1003:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 196ms, Average = 113ms
Server:  dsldevice.attlocal.net
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Reply from 2001:4998:58:c02::a9: time=93ms 
Reply from 2001:4998:58:c02::a9: time=95ms 
 
Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 93ms, Maximum = 95ms, Average = 94ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  8...60 57 18 3b 3d 74 ......Microsoft Wi-Fi Direct Virtual Adapter
  7...60 57 18 3b 3d 73 ......Intel® Dual Band Wireless-AC 7265
  5...60 57 18 3b 3d 77 ......Bluetooth Device (Personal Area Network)
  3...08 62 66 54 db 11 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.158     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.158    281
    192.168.1.158  255.255.255.255         On-link     192.168.1.158    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.158    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.158    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.158    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  7    281 ::/0                     fe80::1205:b1ff:fe0e:56f0
  1    306 ::1/128                  On-link
  7    281 2602:304:cfa5:1af0::/64  On-link
  7     41 2602:304:cfa5:1af0::/64  fe80::1205:b1ff:fe0e:56f0
  7    281 2602:304:cfa5:1af0::45/128
                                    On-link
  7    281 2602:304:cfa5:1af0:7475:ae5e:e5ec:b857/128
                                    On-link
  7    281 2602:304:cfa5:1af0:9115:62eb:dcf1:8d84/128
                                    On-link
  7    281 fe80::/64                On-link
  7    281 fe80::9115:62eb:dcf1:8d84/128
                                    On-link
  1    306 ff00::/8                 On-link
  7    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 31%
Total physical RAM: 8141.18 MB
Available physical RAM: 5553.93 MB
Total Virtual: 9421.18 MB
Available Virtual: 6448.97 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:915.4 GB) (Free:425.32 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\EVA
 
Administrator            Eva1                     Guest                    
 
========================= Restore Points ==================================
 
30-08-2015 15:32:20 Revo Uninstaller's restore point - Foxit PhantomPDF
30-08-2015 15:33:19 Removed Foxit PhantomPDF
02-09-2015 13:39:30 Revo Uninstaller's restore point - Google Chrome
 
**** End of log ****





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users