Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can not open MBAM


  • This topic is locked This topic is locked
24 replies to this topic

#1 MrDyll

MrDyll

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 27 November 2015 - 07:44 PM

I turned on my PC after a week of not using it, and constantly BSOD. I managed to fix that by unplugging the power and holding down the power button for 30 seconds. 

 

I can not run Malwerebytes, and MBAM chameleon does not work either. 

 

I have run the Farbar Recovery Scan Tool, here are the results.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-11-2015
Ran by MrDyll (administrator) on MRDYLL-PC (28-11-2015 11:37:58)
Running from C:\Users\MrDyll\Downloads
Loaded Profiles: MrDyll (Available Profiles: MrDyll)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) P:\DisplayFusion\DisplayFusionService.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730) F:\iRacing\iRacingService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Saitek) C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Binary Fortress Software) P:\DisplayFusion\DisplayFusion.exe
(NaturalPoint, Inc.) C:\Program Files (x86)\NaturalPoint\TrackIR5\TrackIR5.exe
(Spotify Ltd) C:\Users\MrDyll\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent Inc.) C:\Users\MrDyll\AppData\Roaming\uTorrent\uTorrent.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Users\MrDyll\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(BitTorrent Inc.) C:\Users\MrDyll\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Users\MrDyll\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Binary Fortress Software) P:\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) P:\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(EJIE Technology) C:\Program Files (x86)\Clover\clover.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-01-31] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-01-31] (Saitek)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-13] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-11-20] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [DisplayFusion] => P:\DisplayFusion\DisplayFusion.exe [8538648 2015-09-22] (Binary Fortress Software)
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [Steam] => F:\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [Trading Paints] => C:\Program Files (x86)\Trading Paints\Trading Paints.exe [233456 2015-01-30] ()
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [NaturalPoint] => C:\Program Files (x86)\NaturalPoint\TrackIR5\TrackIR5.exe [12973608 2013-02-04] (NaturalPoint, Inc.)
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [RocketDock] => "P:\RocketDock\RocketDock.exe"
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [Spotify Web Helper] => C:\Users\MrDyll\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-10] (Spotify Ltd)
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [BackUp2689935443] => C:\Users\MrDyll\AppData\Roaming\BackUp2689935443.exe [593920 2009-07-14] ()
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Run: [uTorrent] => C:\Users\MrDyll\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-11-14] (BitTorrent Inc.)
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\MountPoints2: {05b31c22-d384-11e2-a2a2-f46d041e5030} - D:\setup.exe
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\MountPoints2: {14329949-a200-11e2-8108-806e6f6e6963} - A:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.1.1.1
Tcpip\..\Interfaces\{E89D9695-1805-4E29-80AE-9812952CE8FA}: [DhcpNameServer] 10.1.1.1
 
Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-26] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: ExplorerWatcher Class -> {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} -> C:\Program Files (x86)\Clover\TabHelper64.dll [2014-01-23] (EJIE Technology)
BHO-x32: Groove Folder Synchronization -> {5AF16DF1-1649-5F90-6952-72AE2CD63D6C} -> C:\Windows\SysWow64\morrrricons.dll [2009-07-14] ()
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll [2009-12-10] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL [2009-11-17] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-28] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> P:\Arc\Arc\Plugins\ArcPluginIE.dll [2014-05-20] (Perfect World Entertainment Inc)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-10-27] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-26] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-28] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-26] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll [2009-12-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-298172238-1706896589-3872219730-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-26] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\MrDyll\AppData\Roaming\Mozilla\Firefox\Profiles\d0tny1la.default
FF Homepage: hxxp://members.iracing.com/membersite/member/Home.do?page=guide
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-04] (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-04] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [2013-05-30] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-26] (ESN Social Software AB)
FF Plugin-x32: @gpac/osmozilla,version=1.0 -> P:\vlcmkvbleep\nposmozilla.dll [2012-05-25] ( )
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-28] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> F:\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-05-07] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> P:\Arc\Arc\Plugins\npArcPluginFF.dll [2014-05-20] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-298172238-1706896589-3872219730-1000: ubisoft.com/uplaypc -> P:\Ubisoft Game Launcher\npuplaypc.dll [2014-06-01] ()
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPA8F9FCA9-322F-49F1-A1AF-BE724902B7FC
CHR StartupUrls: Default -> "hxxp://members.iracing.com/membersite/member/Home.do"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Reddit Minimal) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbkkhehdgoiaahjonjakfaefnhiboec [2013-09-27]
CHR Extension: (Google Drive) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Vimeo™ Download Videos) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\geeljcibkkackafmeepgadbfgmpjmdeg [2013-11-19]
CHR Extension: (Google Docs Offline) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-28]
CHR Extension: (AdBlock) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-28]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-11-21]
CHR Extension: (Grey Minimalist) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\hibnimblojplfbdgeebipbioedefogoi [2015-11-06]
CHR Extension: (Scriffon) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcogdkjlajlgojgnjaiojdfepaakkea [2015-04-17]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-01-10]
CHR Extension: (Skype Click to Call) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-23]
CHR Extension: (Google Search) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpjmkngecpnnajkmdhplmeoelenkpgk [2015-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-22]
CHR Extension: (Gmail) - C:\Users\MrDyll\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ArcService; P:\Arc\Arc\ArcService.exe [88400 2014-05-20] (Perfect World Entertainment Inc)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-14] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 DisplayFusionService; P:\DisplayFusion\DisplayFusionService.exe [4608040 2015-09-22] (Binary Fortress Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-09-26] (EasyAntiCheat Ltd)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 iRacingService; F:\iRacing\iRacingService.exe [809248 2015-10-23] (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-07] (McAfee, Inc.)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [126392 2009-12-09] (Symantec Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [329344 2015-03-04] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; P:\Origin\OriginClientService.exe [2099720 2015-11-14] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-15] ()
R2 SaiDOutput; C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe [241152 2008-04-04] (Saitek) [File not signed]
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-13] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [125360 2015-03-04] (Locktime Software)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-09] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-04-09] (Razer Inc)
S3 SaiH0762; C:\Windows\System32\DRIVERS\SaiH0762.sys [178560 2008-04-04] (Saitek)
S3 SaiH0763; C:\Windows\System32\DRIVERS\SaiH0763.sys [178304 2008-02-15] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-02-01] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-02-01] (Saitek)
S1 SRTSP; C:\Windows\system32\drivers\NISx64\1105000.07F\SRTSP64.SYS [504880 2009-12-03] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1105000.07F\SRTSPX64.SYS [32304 2009-12-03] (Symantec Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)
S3 XFDriver64; C:\Program Files\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
S3 BS2689935443; \??\C:\Users\MrDyll\AppData\Local\Temp\NTFS.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20091209.020\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20091209.020\EX64.SYS [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-28 11:37 - 2015-11-28 11:38 - 00028070 _____ C:\Users\MrDyll\Downloads\FRST.txt
2015-11-28 11:37 - 2015-11-28 11:37 - 00000000 ____D C:\FRST
2015-11-28 11:34 - 2015-11-28 11:36 - 00021731 _____ C:\Windows\system32\DB2689935443
2015-11-28 11:33 - 2015-11-28 11:33 - 00007475 _____ C:\Users\MrDyll\Desktop\AdwCleaner[C1].txt
2015-11-28 11:33 - 2015-11-28 11:33 - 00000000 ___RD C:\Users\MrDyll\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-11-28 11:33 - 2015-11-28 11:33 - 00000000 ____D C:\Users\MrDyll\AppData\LocalLow\uTorrent
2015-11-28 11:29 - 2015-11-28 11:29 - 00006997 _____ C:\Users\MrDyll\Desktop\AdwCleaner[S2].txt
2015-11-28 11:23 - 2015-11-28 11:29 - 00000000 ____D C:\AdwCleaner
2015-11-28 11:22 - 2015-11-28 11:22 - 02349056 _____ (Farbar) C:\Users\MrDyll\Downloads\FRST64.exe
2015-11-28 11:21 - 2015-11-28 11:22 - 01733632 _____ C:\Users\MrDyll\Downloads\adwcleaner_5.022.exe
2015-11-28 11:21 - 2015-06-25 21:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-11-28 11:21 - 2015-06-25 21:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-11-28 11:21 - 2015-06-25 21:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-11-28 11:21 - 2015-06-25 20:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-11-28 11:20 - 2015-11-04 04:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-28 11:20 - 2015-08-28 05:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-11-28 11:20 - 2015-08-28 05:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-11-28 11:20 - 2015-08-28 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-11-28 11:20 - 2015-08-28 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-11-28 11:20 - 2015-08-28 04:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-11-28 11:20 - 2015-08-28 04:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-11-28 11:20 - 2015-08-28 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-11-28 11:20 - 2015-08-28 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-11-28 11:14 - 2015-07-10 04:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-11-28 11:14 - 2015-07-10 04:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-11-28 11:14 - 2015-07-10 04:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-11-28 11:13 - 2015-11-28 11:13 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\MrDyll\Downloads\rkill.scr
2015-11-28 11:13 - 2015-11-28 11:13 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\MrDyll\Downloads\rkill.exe
2015-11-28 11:13 - 2015-11-28 11:13 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\MrDyll\Downloads\rkill.com
2015-11-28 11:13 - 2015-09-02 14:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-11-28 11:13 - 2015-09-02 14:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-11-28 11:13 - 2015-09-02 14:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-11-28 11:13 - 2015-09-02 14:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-11-28 11:13 - 2015-09-02 13:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-11-28 11:13 - 2015-09-02 13:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-11-28 11:13 - 2015-09-02 13:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-11-28 11:13 - 2015-09-02 13:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-11-28 11:13 - 2015-09-02 12:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-11-28 11:13 - 2015-09-02 12:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-11-28 11:12 - 2015-10-13 15:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-28 11:12 - 2015-10-02 05:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-28 11:12 - 2015-10-02 05:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-28 11:12 - 2015-10-02 04:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-28 11:09 - 2015-11-28 11:09 - 06392130 _____ C:\Users\MrDyll\Downloads\mbam-chameleon-3.1.28.0.zip
2015-11-28 11:09 - 2015-11-28 11:09 - 00000000 ____D C:\Users\MrDyll\Desktop\Chameleon
2015-11-28 10:58 - 2015-11-28 10:58 - 22908888 _____ (Malwarebytes ) C:\Users\MrDyll\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-22 10:18 - 2015-11-22 10:20 - 00000000 ____D C:\Users\MrDyll\AppData\Local\Fallout4
2015-11-22 10:16 - 2015-11-22 10:16 - 00000578 _____ C:\Users\MrDyll\Desktop\Fallout 4.lnk
2015-11-22 10:16 - 2015-11-22 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2015-11-22 02:28 - 2015-11-28 11:35 - 00000000 ____D C:\Users\MrDyll\AppData\Roaming\tor
2015-11-22 02:20 - 2015-11-28 10:57 - 00030404 _____ C:\Windows\system32\CFG2689935443
2015-11-15 14:28 - 2015-11-15 14:30 - 02346448 _____ C:\Users\MrDyll\Downloads\Natural Graphics Mod 2.6.1.zip
2015-11-15 09:04 - 2015-11-15 09:04 - 00343432 _____ C:\Windows\Minidump\111515-38423-01.dmp
2015-11-14 21:33 - 2015-11-14 21:33 - 00109752 _____ C:\Users\MrDyll\Downloads\assetto-corsa-deltabar-deltabar_v130.zip
2015-11-14 21:32 - 2015-11-14 21:33 - 01505984 _____ C:\Users\MrDyll\Downloads\rivali-ov1info-v4.1.zip
2015-11-14 21:31 - 2015-11-14 21:35 - 09726785 _____ C:\Users\MrDyll\Downloads\F1 2015 HUD.rar
2015-11-14 21:31 - 2015-11-14 21:35 - 05791681 _____ C:\Users\MrDyll\Downloads\ov1-f1-2014-hud-v0.9.2-beta.zip
2015-11-14 21:28 - 2015-11-14 21:28 - 00003981 _____ C:\Users\MrDyll\Downloads\FFBClip34.rar
2015-11-14 11:23 - 2015-11-14 11:23 - 00262192 _____ C:\Windows\Minidump\111415-17066-01.dmp
2015-11-14 09:58 - 2015-11-14 09:58 - 172102390 _____ C:\Users\MrDyll\Downloads\codex-fallout.4.iso.crdownload
2015-11-14 09:48 - 2015-11-14 09:48 - 00063305 _____ C:\Users\MrDyll\Downloads\[kat.cr]fallout.4.codex.torrent
2015-11-14 09:29 - 2015-11-14 09:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-14 09:29 - 2015-11-14 09:29 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-10 02:50 - 2015-11-10 02:50 - 22317384 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-10 02:50 - 2015-11-10 02:50 - 16562296 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-10 02:50 - 2015-11-10 02:50 - 00396936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-10 02:49 - 2015-11-10 02:49 - 11139216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-10 02:49 - 2015-11-10 02:49 - 00870544 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-10 02:49 - 2015-11-10 02:49 - 00682640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-10 02:49 - 2015-11-10 02:49 - 00186328 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-10 02:49 - 2015-11-10 02:49 - 00164520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-10 02:49 - 2015-11-10 02:49 - 00160096 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-11-10 02:49 - 2015-11-10 02:49 - 00137424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-10 02:48 - 2015-11-10 02:48 - 15726592 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-10 02:48 - 2015-11-10 02:48 - 01914000 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435891.dll
2015-11-10 02:48 - 2015-11-10 02:48 - 01573520 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435891.dll
2015-11-10 02:48 - 2015-11-10 02:48 - 00886088 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-10 02:48 - 2015-11-10 02:48 - 00698000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-10 02:47 - 2015-11-10 02:47 - 14844608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-10 02:47 - 2015-11-10 02:47 - 12779488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-10 02:47 - 2015-11-10 02:47 - 12042984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-10 02:47 - 2015-11-10 02:47 - 02879120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-10 02:47 - 2015-11-10 02:47 - 02499216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-10 02:45 - 2015-11-10 02:45 - 42922824 _____ C:\Windows\system32\nvcompiler.dll
2015-11-10 02:45 - 2015-11-10 02:45 - 37891216 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-08 13:33 - 2015-11-14 23:52 - 00000000 ___RD C:\Users\MrDyll\Desktop\All Games
2015-11-08 12:44 - 2015-11-08 12:44 - 00000000 ____D C:\Users\MrDyll\AppData\Roaming\Actual Tools
2015-11-08 12:44 - 2015-11-08 12:44 - 00000000 ____D C:\ProgramData\Actual Tools
2015-11-08 12:41 - 2015-11-08 12:43 - 10285504 _____ (Actual Tools ) C:\Users\MrDyll\Downloads\ammsetup.exe
2015-11-08 12:31 - 2015-11-08 12:36 - 00000000 ____D C:\Users\MrDyll\AppData\Local\DisplayFusion
2015-11-08 10:46 - 2015-11-08 10:50 - 18365112 _____ (Binary Fortress Software ) C:\Users\MrDyll\Downloads\DisplayFusionSetup-7.3.1.exe
2015-11-08 09:59 - 2015-11-08 09:59 - 00000096 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-11-06 19:59 - 2015-11-06 20:02 - 60854349 _____ C:\Users\MrDyll\Downloads\sochi+fix.rar
2015-11-06 19:53 - 2015-11-06 19:57 - 64521218 _____ C:\Users\MrDyll\Downloads\F1_2015_Mercedes_W06_1.2_fix.rar
2015-11-06 19:45 - 2015-11-06 19:57 - 228346021 _____ C:\Users\MrDyll\Downloads\ACFL_F1_2015_V33 (1).rar
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-28 11:37 - 2009-07-14 14:20 - 00000000 ____D C:\Windows
2015-11-28 11:33 - 2015-06-21 19:51 - 00000000 ____D C:\Users\MrDyll\AppData\Roaming\Raptr
2015-11-28 11:33 - 2013-06-13 01:27 - 00000000 ____D C:\Users\MrDyll\AppData\Local\LogMeIn Hamachi
2015-11-28 11:33 - 2013-04-11 16:12 - 00000000 ____D C:\Users\MrDyll\AppData\Roaming\uTorrent
2015-11-28 11:33 - 2013-04-10 11:41 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-28 11:33 - 2013-04-10 11:23 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-11-28 11:33 - 2009-07-14 16:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-28 11:32 - 2013-04-10 11:32 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-28 11:30 - 2013-04-10 13:55 - 00000000 ____D C:\Users\MrDyll\AppData\Local\CrashDumps
2015-11-28 11:29 - 2009-07-14 15:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-28 11:29 - 2009-07-14 15:45 - 00015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-28 11:27 - 2009-07-14 15:45 - 04900496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-28 11:27 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\inf
2015-11-28 11:26 - 2009-07-14 18:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-28 11:14 - 2013-04-10 11:41 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-28 11:01 - 2009-07-14 16:13 - 00006608 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-28 10:57 - 2014-01-04 16:26 - 00000000 ____D C:\Users\MrDyll\AppData\Local\ElevatedDiagnostics
2015-11-28 10:55 - 2013-04-14 23:20 - 00000000 ____D C:\Users\MrDyll\AppData\Local\Adobe
2015-11-22 10:18 - 2013-04-10 13:38 - 00000000 ____D C:\Users\MrDyll\Documents\my games
2015-11-21 21:32 - 2015-06-21 19:51 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-11-21 21:28 - 2009-07-14 16:08 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-15 15:10 - 2013-04-12 14:07 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-11-15 15:10 - 2013-04-11 16:11 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-15 15:10 - 2013-04-11 16:11 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-15 14:56 - 2013-04-11 16:11 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-15 14:50 - 2013-04-19 18:02 - 00000000 ____D C:\ProgramData\Origin
2015-11-15 09:12 - 2015-02-27 12:54 - 00000000 ____D C:\Users\MrDyll\AppData\Local\Steam
2015-11-15 09:09 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-15 09:04 - 2013-05-04 13:29 - 00000000 ____D C:\Windows\Minidump
2015-11-14 11:17 - 2015-05-09 18:24 - 00000000 __SHD C:\Users\MrDyll\AppData\Local\EmieBrowserModeList
2015-11-14 11:17 - 2014-10-10 09:49 - 00000000 __SHD C:\Users\MrDyll\AppData\Local\EmieUserList
2015-11-14 11:17 - 2014-10-10 09:49 - 00000000 __SHD C:\Users\MrDyll\AppData\Local\EmieSiteList
2015-11-14 11:17 - 2013-04-10 11:41 - 00000000 ____D C:\Users\MrDyll\AppData\Local\Google
2015-11-14 11:15 - 2015-07-05 23:32 - 00054156 ____H C:\Windows\QTFont.qfn
2015-11-10 02:51 - 2015-10-10 21:52 - 00476640 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-11-10 02:51 - 2014-08-19 22:15 - 17523936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-10 02:51 - 2014-08-19 22:15 - 15130512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-10 02:50 - 2015-06-13 17:09 - 13535984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-10 02:50 - 2014-01-30 17:34 - 18370888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-10 02:44 - 2013-02-26 01:32 - 03587728 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-10 02:44 - 2013-02-26 01:32 - 03167464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-10 01:13 - 2013-04-10 11:31 - 00033607 _____ C:\Windows\system32\nvinfo.pb
2015-11-08 13:31 - 2014-01-19 00:41 - 00000000 ____D C:\Users\MrDyll\Documents\dsktop
2015-11-08 12:31 - 2013-04-10 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2015-11-08 12:31 - 2013-04-10 12:01 - 00000000 ____D C:\Users\MrDyll\Documents\DisplayFusion Backups
2015-11-08 10:45 - 2013-04-10 11:54 - 00000000 ____D C:\Users\MrDyll\AppData\Roaming\DisplayFusion
2015-11-06 23:38 - 2015-05-24 03:11 - 00000000 ____D C:\Users\MrDyll\Documents\wmd_symbol_cache
2015-11-06 20:32 - 2013-04-10 11:04 - 00000000 ____D C:\Users\MrDyll
2015-11-06 19:55 - 2014-12-24 19:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
 
==================== Files in the root of some directories =======
 
2013-09-27 22:10 - 2013-09-27 22:11 - 0000132 _____ () C:\Users\MrDyll\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-09-11 15:56 - 2013-11-03 14:48 - 0000132 _____ () C:\Users\MrDyll\AppData\Roaming\Adobe Targa Format CS5 Prefs
2009-07-14 10:19 - 2009-07-14 12:14 - 0593920 _____ () C:\Users\MrDyll\AppData\Roaming\BackUp2689935443.exe
2013-08-12 19:59 - 2013-08-12 19:59 - 0000041 _____ () C:\Users\MrDyll\AppData\Roaming\TheHunterSettings_live.cfg
2015-06-06 22:10 - 2015-09-06 15:53 - 0000600 _____ () C:\Users\MrDyll\AppData\Roaming\winscp.rnd
2013-09-27 18:55 - 2013-09-27 18:55 - 145672688 _____ () C:\Users\MrDyll\AppData\Local\ACCCx2_1_2_232.zip.aamdownload
2013-09-27 18:55 - 2013-09-27 18:55 - 0001817 _____ () C:\Users\MrDyll\AppData\Local\ACCCx2_1_2_232.zip.aamdownload.aamd
2014-09-19 01:52 - 2014-11-26 18:51 - 0000600 _____ () C:\Users\MrDyll\AppData\Local\PUTTY.RND
2015-09-20 12:16 - 2015-10-25 16:10 - 0007600 _____ () C:\Users\MrDyll\AppData\Local\resmon.resmoncfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\MrDyll\AppData\Local\setup.txt
2013-11-10 13:51 - 2013-09-11 13:51 - 0000032 ____R () C:\ProgramData\hash.dat
2015-11-08 09:59 - 2015-11-08 09:59 - 0000096 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Windows\Tasks\At1.job
 
 
Some files in TEMP:
====================
C:\Users\MrDyll\AppData\Local\Temp\_is92EC.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-21 22:22
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-11-2015
Ran by MrDyll (2015-11-28 11:38:24)
Running from C:\Users\MrDyll\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-04-10 00:04:01)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-298172238-1706896589-3872219730-500 - Administrator - Disabled)
Guest (S-1-5-21-298172238-1706896589-3872219730-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-298172238-1706896589-3872219730-1007 - Limited - Enabled)
MrDyll (S-1-5-21-298172238-1706896589-3872219730-1000 - Administrator - Enabled) => C:\Users\MrDyll
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ACFL F1 2015 V3.3 (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\ACFL F1 2015 V3.3) (Version:  - )
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Age of Wushu (HKLM-x32\...\Steam App 265650) (Version:  - Snail USA)
Alien Isolation (HKLM-x32\...\Alien Isolation_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version:  - U.S. Army)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Arma 2 British Armed Forces Uninstall (HKLM-x32\...\Arma 2 British Armed Forces) (Version:  - )
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version:  - )
ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
ARMA 3 Launcher By Head (HKLM-x32\...\ARMA 3 Launcher By Head) (Version: 1.0.0.0 - Whoopshop Studios)
Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version:  - Kunos Simulazioni)
AVCHDCoder (HKLM-x32\...\{485B2CAD-8D18-4A0F-97BE-A5202C3D7721}) (Version: 11.12.27 - Twan Wintjes)
Batman: Arkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version: 1.0.0.0 - Square Enix Limited)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye) (Version:  - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)
Brütal Legend (HKLM-x32\...\Steam App 225260) (Version:  - Double Fine Productions)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
City Car Driving 1.2.5 (HKLM-x32\...\{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1) (Version:  - Forward Development)
Clover 3.0 (HKLM-x32\...\Clover) (Version: 3.0 - EJIE Technology)
Combined Community Codec Pack 2013-08-01 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.08.01.0 - CCCP Project)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
CTDP Formula One 2005 v1.2 (HKLM-x32\...\{F72CC350-CDF1-47AF-A474-4E2404EBBEB8}_is1) (Version: V1.2 - Cars & Tracks Development Project)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
DCS World (HKLM\...\DCS World_is1) (Version: 1.2.3.10201 - )
Dead Rising 2 (HKLM-x32\...\GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}) (Version: 1.0.0000.130 - Capcom)
Dead Rising 2 (x32 Version: 1.0.0000.130 - Capcom) Hidden
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Democracy 3 version 0.0.0.9 (HKLM-x32\...\Democracy 3_is1) (Version: 0.0.0.9 - WaLMaRT)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
DisplayFusion 7.3.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.3.1.0 - Binary Fortress Software)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory version 2.0.123 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.123 - ExKode Co. Ltd.)
Endurance Series by EnduRacers - rF1 FULL (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Endurance Series by EnduRacers - rF1 FULL) (Version:  - )
Endurance Series by EnduRacers - Service Pack 2.1 (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Endurance Series by EnduRacers - Service Pack 2.1) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVGA Precision 2.0.2 (HKLM-x32\...\Precision) (Version: 2.0.2 - EVGA Corporation)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters)
F1 2013 (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
F1 2014 (HKLM-x32\...\RjEyMDE0_is1) (Version: 1 - )
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version:  - )
Fallout New Vegas (HKLM-x32\...\Fallout New Vegas_is1) (Version:  - )
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Fate of the World: Tipping Point 1.1 (HKLM-x32\...\{1EA6905E-8ADF-48FC-AD51-447136E40F9C}) (Version: 1.1.0.0 - Red Redemption)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
Game Dev Tycoon DEMO version 1.0.1 (HKLM-x32\...\{9B1070C1-D522-4E00-8263-F442422D26CA}_is1) (Version: 1.0.1 - Greenheart Games Pty. Ltd.)
Game Dev Tycoon version 1.3.4 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.4 - Greenheart Games Pty. Ltd.)
Game of Thrones - A Telltale Games Series v1.0 / RePack by Azaq (HKLM-x32\...\Game of Thrones - A Telltale Games Series_is1) (Version:  - )
GAME STOCK CAR 2012 version DEMO (HKLM-x32\...\{B0FB75B6-238F-42C2-A849-54A48ABAEB3D}_is1) (Version: DEMO - Reiza Studios Ltda.)
Game Stock Car 2013 version 1.00 (HKLM-x32\...\{0DDE356A-68FA-4768-A94E-B7BE98EB4259}_is1) (Version: 1.00 - Reiza Studios Ltda.)
GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
GRID Autosport (HKLM-x32\...\R1JJREF1dG9zcG9ydA==_is1) (Version: 1 - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
iRacing (HKLM-x32\...\Steam App 266410) (Version:  - iRacing.com Motorsport Simulations)
iRacing Timing Monitor (HKLM-x32\...\{790EC743-7D2C-4E2F-8E4B-C98E9F6E0237}) (Version: 1.0.0 - Marcel Wiemers)
iRacing.com Race Simulation (HKLM-x32\...\{CBBB3C80-76F5-42B5-92A6-C4BF84796DCB}) (Version: 1.01.0554 - iRacing.com Motorsport Simulations)
iRDDU (HKLM-x32\...\iRDDU 1.3.5) (Version: 1.3.5 - Shedsoft)
iRDDU (x32 Version: 1.3.5 - Shedsoft) Hidden
irDDU Dashboard Pack (HKLM-x32\...\{A167D3B2-A33A-42D9-B3CC-8DCEBCC29E76}) (Version: 1.1.0 - Shedsoft)
iSpeed 3.5.2.6 (HKLM-x32\...\{5B7EEBBD-2D18-4078-9B60-38DA3099759C}) (Version: 3.5.2.6 - Nessoft, LLC)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jimmie Johnson Spotter-Cuss Pack (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Jimmie Johnson Spotter-Cuss Pack) (Version:  - )
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.406 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.406 - LogMeIn, Inc.) Hidden
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Making History The Great War (HKLM-x32\...\Making History The Great War_is1) (Version:  - )
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
marvell 91xx console driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.2 - Electronic Arts)
MediaInfo 0.7.64 (HKLM\...\MediaInfo) (Version: 0.7.64 - MediaArea.net)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.3205.0) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
Mini Metro (Beta 3)(2014) (HKLM-x32\...\Mini Metro (Beta 3)(2014)Beta 3) (Version: Beta 3 - Friends in War)
MKVToolNix 6.3.0 (HKLM-x32\...\MKVToolNix) (Version: 6.3.0 - Moritz Bunkus)
MMG F1 2007 V3.0.1 (HKLM-x32\...\MMG F1 2007 V3.0.1) (Version:  - )
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPRAlarmClock (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\8783aabc4910bc60) (Version: 1.0.0.6 - MPRAlarmClock)
NaturalPoint USB Drivers x64 (HKLM\...\{B408139D-04D6-4464-A979-D335E48F7063}) (Version: 2.50.0000 - NaturalPoint)
netKar PRO v1.3 (HKLM-x32\...\{04B68109-F196-49A7-9286-C3DA440E4690}}_is1) (Version:  - Kunos Simulazioni)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.10.0) (Version: 4.0.10.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.10.0 - Locktime Software) Hidden
NinjaTrader 7 (HKLM-x32\...\{8ADDE131-42C2-4B1E-B8B4-F8A7C139719C}) (Version: 7.0.1030 - NinjaTrader)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 17.5.0.127 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.3 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Update 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.15.54 - NVIDIA Corporation)
Octodad (HKLM-x32\...\Octodad) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenTTD 1.3.2 (HKLM-x32\...\OpenTTD) (Version: 1.3.2 - OpenTTD)
Operation Flashpoint: Red River (HKLM-x32\...\Steam App 44340) (Version:  - Codemasters Action Studio)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Osmo4/GPAC (remove only) (HKLM-x32\...\Osmo4) (Version:  - )
PackBit Codec version 1.0.0.1Beta (HKLM-x32\...\{5AFD98DE-0AF5-497F-BE7E-F93DEDF74573}_is1) (Version: 1.0.0.1Beta - Dxtory Software)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Papers, Please (HKLM-x32\...\{547491AF-77A2-4949-8AB4-EBDC99FE7B4A}) (Version: 1.0.41 - 3909 LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PlanetSide 2 (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Police Force (HKLM-x32\...\Die Polizei) (Version:  - Quadriga Games GmbH)
Populous (HKLM-x32\...\{476CD9DE-C45F-4443-BFA7-E51C58B7E455}) (Version: 1.0.0.0 - Electronic Arts)
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.0 - Project Reality)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version:  - Indie Stone Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)
QuickTime Alternative 1.81 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 1.81 - )
Racing Manager 2014 (HKLM-x32\...\Racing Manager 2014_is1) (Version:  - Kalypso Media)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0.2 r2161 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.02 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
rebox.NET 1.9.5.0 (HKLM-x32\...\rebox.NET 1.9.5.0) (Version: 1.9.5.0 - clone.AD)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
rFactor (HKLM-x32\...\rFactor) (Version: 0.90 - RealSim)
rFactor Data Acquisition Plugin (HKLM-x32\...\rFactor Data Acquisition Plugin) (Version: 0.9.4a - Cars & Tracks Development Project)
rFactor2 (HKLM-x32\...\rFactor2) (Version:  - )
rFactorCentral Client 1.04 (HKLM-x32\...\RfcClient) (Version: 1.04 - rFactorCentral, Inc.)
RidNacs 2.0.3 (HKLM-x32\...\RidNacs_is1) (Version:  - Stephan Plath)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.5 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Ryder Mod Manager (HKLM-x32\...\Ryder Mod Manager) (Version:  - )
S.W.A.T. 4 (HKLM-x32\...\S.W.A.T. 4_is1) (Version:  - )
Saitek DirectOutput 6.2.2.4 (HKLM\...\{8FC854D3-EE18-425F-85D9-28E0A850FF2E}) (Version: 6.2.2.4 - Saitek)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.46 - NVIDIA Corporation) Hidden
Sim Racing Setup Analyzer (HKLM-x32\...\Sim Racing Setup Analyzer 1.0.5) (Version: 1.0.5 - MPR Analytics, LLC)
Sim Racing Setup Analyzer (x32 Version: 1.0.5 - MPR Analytics, LLC) Hidden
Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7038 - Six Projects)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.24.8 (HKLM\...\{AB98EBC0-1F36-4525-8CBE-E1C63700C7AD}) (Version: 7.0.24.8 - Mad Catz)
SNOW (HKLM-x32\...\Steam App 244930) (Version:  - Poppermost Productions)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spintires (HKLM-x32\...\Spintires_is1) (Version:  - )
Spiral Knights (HKLM-x32\...\Steam App 99900) (Version:  - Three Rings)
SPORE™ Creature Creator Trial Edition (HKLM-x32\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Management Studio (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Star Stable (HKLM-x32\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
STAR WARS™ Battlefront™ Beta (HKLM-x32\...\{8A863B64-C9BE-4203-9ED7-92981CF690D3}) (Version: 1.0.3.51560 - Electronic Arts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Subspace Continuum (HKLM-x32\...\Steam App 352700) (Version:  - Virgin Interactive Entertainment)
SWAT 3 - Tactical Game of The Year Edition (HKLM-x32\...\SWAT 3 - Tactical Game of The Year Edition_is1) (Version:  - GOG.com)
SWAT 4 (HKLM-x32\...\{AEF3EF2A-DCA7-43E1-AEA9-0F52C79290D9}) (Version: 1.1 - Sierra)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tactical Intervention (HKLM-x32\...\Steam App 51100) (Version:  - FIX Korea)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.12 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Forest 1.0 (HKLM-x32\...\The Forest 1.0) (Version: 1.0 - Cat-A-Cat)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
The Sims 4 Deluxe Edition version 1.0 Update 1 (HKLM-x32\...\The Sims 4 Deluxe Edition_is1) (Version: 1.0 Update 1 - GMT-MAX.ORG)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.36.024017 - Electronic Arts Inc.)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
theHunter (remove only) (HKLM-x32\...\theHunter) (Version:  - Expansive Worlds)
This War of Mine (HKLM-x32\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios)
TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version:  - Jonathan Lermitage)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version:  - )
TrackIR 5 (HKLM-x32\...\{2f2e6053-043c-4d69-94d0-4d42304ea4ee}) (Version: 5.2.0200 - NaturalPoint)
Trading Paints (HKLM-x32\...\{03C0A801-FC2F-442C-A0BD-DB63B373DE27}) (Version: 1.1.1 - Shawn05.com)
Trading Paints (HKLM-x32\...\{7B2967FB-7828-4823-8D1F-C990FD6CB12E}) (Version: 1.2.0 - Shawn05.com)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
War of the Vikings Early Access (HKLM-x32\...\Steam App 234530) (Version:  - Fatshark)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WinDirStat 1.1.2 (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.7.3 (HKLM-x32\...\winscp3_is1) (Version: 5.7.3 - Martin Prikryl)
World of Tanks (HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812asia}_is1) (Version:  - Wargaming.net)
Xfire (HKLM-x32\...\Xfire) (Version:  - )
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version:  - )
YouRiding FREESKI II version 1.005 (HKLM-x32\...\{0C59CB32-93D5-4C2F-816A-2B53806F1086}_is1) (Version: 1.005 - Intellysurf)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
28-11-2015 11:35:12 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 13:34 - 2009-06-11 08:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {26473D4C-EF0F-46C0-852F-87647B6DF293} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {558878AE-8105-4620-98C4-11A5CDC20C11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {5AC3B7EE-EC94-4ED8-9131-78AC21501916} - System32\Tasks\SRSA updater => P:\simracingsetup\SRSA updater.exe [2014-01-02] (MPR Analytics, LLC)
Task: {6FEF85A7-7554-426B-A78A-7575A7791604} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {88F223B4-8AFA-4613-A0F2-FDBD77083A39} - System32\Tasks\{52B8D808-57BE-408B-8428-6871C945F718} => pcalua.exe -a G:\Games\SWAT4\ContentExpansion\Swat_4x_Setup.exe -d G:\Games\SWAT4\ContentExpansion
Task: {BF396A70-6C35-43AD-89FB-3A38FB650F16} - System32\Tasks\At1 => C:\Windows\SysWOW64\lodcttr.exe [2009-07-14] () <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\At1.job => C:\Windows\SysWOW64\lodcttr.exe C:\Windows\SysWOW64\authfwcffg.dll
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\MrDyll\Documents\dsktop\CleanAlpha.lnk -> F:\iRacingAlpha\clean_data.bat (No File) <==== ATTENTION
Shortcut: C:\Users\MrDyll\Documents\dsktop\iRacingAlpha.lnk -> F:\iRacingAlpha\Start_iRacingService.bat (No File) <==== ATTENTION
Shortcut: C:\Users\MrDyll\Documents\dsktop\iRacingBeta.lnk -> F:\iRacingBeta\Start_iRacingService.bat (No File) <==== ATTENTION
Shortcut: C:\Users\MrDyll\Documents\dsktop\iRacingMembers.lnk -> F:\iRacingMembers\Start_iRacingService.bat (No File) <==== ATTENTION
Shortcut: C:\Users\MrDyll\Documents\dsktop\iRacingStaging.lnk -> F:\iRacingStaging\Start_iRacingService.bat (No File) <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-04-14 03:21 - 2015-10-03 13:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-04-11 16:11 - 2015-11-15 15:10 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-20 12:24 - 2014-03-20 12:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-06-19 02:24 - 2012-06-19 02:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-02-18 18:03 - 2014-02-18 18:03 - 04697968 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
2013-12-13 09:36 - 2013-12-13 09:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-04-24 23:52 - 2015-10-12 14:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2012-07-09 23:08 - 2012-07-09 23:08 - 00492544 _____ () C:\Program Files (x86)\NaturalPoint\TrackIR5\Styles\TrackIR.cjstyles
2014-03-19 00:22 - 2014-03-19 00:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-16 05:17 - 2011-02-16 05:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2015-10-22 07:29 - 2015-10-22 07:29 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2015-10-22 07:29 - 2015-10-22 07:29 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2015-06-27 10:09 - 2015-06-27 10:09 - 00271872 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 11:56 - 2014-06-18 11:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-16 05:17 - 2011-02-16 05:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 10:06 - 2010-11-23 10:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-11-14 21:47 - 2015-11-07 15:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-14 21:47 - 2015-11-07 15:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2015-11-22 02:28 - 2000-01-01 00:00 - 00714452 _____ () C:\Users\MrDyll\AppData\Local\Temp\T2689935443\Tor\libevent-2-0-5.dll
2015-11-22 02:28 - 2000-01-01 00:00 - 00091026 _____ () C:\Users\MrDyll\AppData\Local\Temp\T2689935443\Tor\libssp-0.dll
2015-11-22 02:28 - 2000-01-01 00:00 - 00517814 _____ () C:\Users\MrDyll\AppData\Local\Temp\T2689935443\Tor\libgcc_s_sjlj-1.dll
2015-11-22 02:28 - 2000-01-01 00:00 - 00110592 _____ () C:\Users\MrDyll\AppData\Local\Temp\T2689935443\Tor\zlib1.dll
2015-11-14 21:47 - 2015-11-07 15:36 - 16496456 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\MrDyll:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\MrDyll\Application Data:gs5sys
AlternateDataStreams: C:\Users\MrDyll\Cookies:gs5sys
AlternateDataStreams: C:\Users\MrDyll\Local Settings:gs5sys
AlternateDataStreams: C:\Users\MrDyll\Templates:gs5sys
AlternateDataStreams: C:\Users\MrDyll\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\MrDyll\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\MrDyll\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\MrDyll\AppData\Local\Application Data:gs5sys
AlternateDataStreams: C:\Users\MrDyll\AppData\Local\History:gs5sys
AlternateDataStreams: C:\Users\MrDyll\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-298172238-1706896589-3872219730-1000\...\sony.com -> sony.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-298172238-1706896589-3872219730-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MrDyll\AppData\Roaming\DisplayFusion\Wallpaper_1.jpg
DNS Servers: 10.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MrDyll^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5AF0EF6A-4FF8-4F6B-A3B4-DCCE63E7DF01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8DA7D28A-3A87-4A55-98CA-70B4AC0EB15C}] => (Allow) D:\Bohemia Interactive\ArmA 2 Operation Arrowhead\arma2OA.exe
FirewallRules: [{CB33AC1D-77CB-4820-9612-95826A681AE9}] => (Allow) D:\Bohemia Interactive\ArmA 2 Operation Arrowhead\arma2OA.exe
FirewallRules: [{9BB628EF-FC0F-4F02-A1A5-92E06AFCD47D}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{E5222847-0048-42B4-A004-C68FD7C4DE2B}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{BFB2EB6E-48F8-45A5-A079-AA00076FCE93}P:\xfire\xfire.exe] => (Allow) P:\xfire\xfire.exe
FirewallRules: [UDP Query User{8AD5A466-554D-4239-9CA7-C1ECD4B9BF99}P:\xfire\xfire.exe] => (Allow) P:\xfire\xfire.exe
FirewallRules: [TCP Query User{5FC98B83-43DD-4EFF-AA8F-C2E5C78FA1F2}P:\sixupater\tools\bin\rsync.exe] => (Allow) P:\sixupater\tools\bin\rsync.exe
FirewallRules: [UDP Query User{9F339784-2DFC-4E2F-9C51-EAE93899B946}P:\sixupater\tools\bin\rsync.exe] => (Allow) P:\sixupater\tools\bin\rsync.exe
FirewallRules: [TCP Query User{790C857E-623B-48C9-B948-CE6B2896ECB3}P:\mirc\mirc.exe] => (Allow) P:\mirc\mirc.exe
FirewallRules: [UDP Query User{0C5196F0-CFBC-4ECD-93A5-71B939942224}P:\mirc\mirc.exe] => (Allow) P:\mirc\mirc.exe
FirewallRules: [{3F2C1C9E-8FE9-4962-8356-738992256F21}] => (Allow) F:\Steam\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{DB4C7133-9E75-4625-A542-BBBF4C1C538D}] => (Allow) F:\Steam\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{5FAE3384-5447-4E58-8C8C-99A1E63B2E45}] => (Allow) F:\Bohemia Interactive\arma2OA.exe
FirewallRules: [{54D31BB8-5093-455F-BD82-EBEB31DA5CC9}] => (Allow) F:\Bohemia Interactive\arma2OA.exe
FirewallRules: [TCP Query User{EECEDF2D-60AE-44E8-9778-AA89ADEEE5BA}F:\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) F:\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{D12F298E-38B8-40CF-B116-99803EA3B880}F:\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) F:\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{A8F909E6-F78B-463B-9DE0-8FBBF81637F3}F:\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{15D465D0-A872-4242-921E-DB051D000073}F:\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{8497132D-8FBA-4978-9C21-0C4F1603C7F2}] => (Allow) F:\FarCry 3\bin\farcry3.exe
FirewallRules: [{C8C029C3-EEBE-44E9-913C-35DC50B32289}] => (Allow) F:\FarCry 3\bin\farcry3.exe
FirewallRules: [{1AF887F6-4513-4CF2-971F-CC53A3BC3131}] => (Allow) F:\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{126E3B18-88C7-49C9-B9F2-0D0A297654F6}] => (Allow) F:\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{CA8EA833-DEDB-4157-8D11-CC974967133A}] => (Allow) F:\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{505B38D1-2551-409C-817E-F656F8114354}] => (Allow) F:\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{65F7762E-2CD2-4510-9C02-10404EA94885}] => (Allow) F:\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{CD2802F1-4B4F-4550-9973-FA3EEE032D20}] => (Allow) F:\FarCry 3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{B1B722DD-6594-41B7-9C18-B6869F46D340}C:\program files\xfire2\xfire.exe] => (Allow) C:\program files\xfire2\xfire.exe
FirewallRules: [UDP Query User{8C7AFB2F-AFE3-4B64-AD1F-85B5E8621B68}C:\program files\xfire2\xfire.exe] => (Allow) C:\program files\xfire2\xfire.exe
FirewallRules: [TCP Query User{2AA34E5F-B094-44AA-BF70-80E88A207ABB}F:\steam\steam.exe] => (Allow) F:\steam\steam.exe
FirewallRules: [UDP Query User{7A35185F-A7E2-49CE-A106-2960200B0159}F:\steam\steam.exe] => (Allow) F:\steam\steam.exe
FirewallRules: [{02FF54B9-EA8C-4000-94A1-0F40A56D1AB7}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{848C9F52-1453-47D5-AC37-5864C11A0C1E}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{6E632362-FEAE-4509-BB3C-EA6189A8F583}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{353E7DC3-30B3-4D8F-ADA2-0B8900761F4F}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A0E38D46-2BDC-489A-AD97-0FBDA03AB411}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{DAB45B4B-1F60-40FD-B5E6-E5DE52A0717E}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{124224A1-8893-4816-80DE-27AAE06856DA}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{74509A06-225A-47C0-AE6A-B655EB784856}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1D20B6C2-9E2E-48C7-A41E-CC417A638F16}] => (Allow) F:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [TCP Query User{53C4E3D6-E9C7-4E94-8FAD-938A37195F07}F:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) F:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{240A015A-C7AF-4CCA-ABF4-0002810C3D83}F:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) F:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{AFCB0F9A-D380-4F91-B11A-59A23A1A1E92}] => (Allow) F:\Bad Company 2\BFBC2Updater.exe
FirewallRules: [{B3527296-A1A9-4516-B93C-7CB913A412E7}] => (Allow) F:\Bad Company 2\BFBC2Updater.exe
FirewallRules: [{1AB355F3-B3D1-4B50-9305-B80C7F0D9F1B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6F3393C3-2C8B-4B76-8AD0-3895D526D3D0}] => (Allow) LPort=2869
FirewallRules: [{929B138D-08F9-49FC-ADEB-0D8AB2937C83}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{92888E25-0646-4C1D-8EBE-3843616DAD11}F:\guild wars 2\gw2.exe] => (Allow) F:\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{CE0E0373-365F-4D82-94D4-A1375A568320}F:\guild wars 2\gw2.exe] => (Allow) F:\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{B2CED705-AE1E-49D0-923A-056BCE6F8A76}F:\war thunder\launcher.exe] => (Allow) F:\war thunder\launcher.exe
FirewallRules: [UDP Query User{69E6BF44-16CE-43F8-A274-55DD2E8D9B15}F:\war thunder\launcher.exe] => (Allow) F:\war thunder\launcher.exe
FirewallRules: [TCP Query User{611CCE48-04D9-4171-BCC5-887CE3B97722}F:\war thunder\aces.exe] => (Allow) F:\war thunder\aces.exe
FirewallRules: [UDP Query User{00F0CA04-711E-4904-8F80-F659480688D3}F:\war thunder\aces.exe] => (Allow) F:\war thunder\aces.exe
FirewallRules: [TCP Query User{B6531EE1-D36A-4544-AC00-FC6D7E44F1B0}F:\planetside 2\planetside2.exe] => (Allow) F:\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{796A5CB7-B8F1-4B65-B182-7E7B45244192}F:\planetside 2\planetside2.exe] => (Allow) F:\planetside 2\planetside2.exe
FirewallRules: [{3BF4F1B5-32D1-4350-9999-45CFF1F654C5}] => (Allow) F:\Square Enix\Batman Arkham Asylum GOTY\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{E60B9C6D-1ABC-478E-811F-49295C95E8AE}] => (Allow) F:\Square Enix\Batman Arkham Asylum GOTY\Binaries\ShippingPC-BmGame.exe
FirewallRules: [TCP Query User{D78A048C-728B-4FBD-A802-CCBF36A2A463}F:\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) F:\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [UDP Query User{B8F9EE60-DAAF-4BC9-BA1D-7D421FC2B9BF}F:\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) F:\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [{38DF9E47-046A-4FB1-84BC-8C8FF46F8E3E}] => (Allow) F:\GTAELC\EFLC\LaunchEFLC.exe
FirewallRules: [{37916AC2-BD9F-4AE4-BCB6-345E0482031A}] => (Allow) F:\GTAELC\EFLC\LaunchEFLC.exe
FirewallRules: [TCP Query User{6859F0C4-517F-4483-9701-47DB147CA9D9}F:\gtaelc\eflc\eflc.exe] => (Allow) F:\gtaelc\eflc\eflc.exe
FirewallRules: [UDP Query User{700FBA16-E228-49B7-9673-722E55036C1F}F:\gtaelc\eflc\eflc.exe] => (Allow) F:\gtaelc\eflc\eflc.exe
FirewallRules: [TCP Query User{0AA720AC-4082-4BF3-95FA-1B80003E6D8B}F:\steam\steamapps\downloading\224780\binaries\win32\rogame.exe] => (Allow) F:\steam\steamapps\downloading\224780\binaries\win32\rogame.exe
FirewallRules: [UDP Query User{BB266F47-5AF1-4837-B77D-8011169A8086}F:\steam\steamapps\downloading\224780\binaries\win32\rogame.exe] => (Allow) F:\steam\steamapps\downloading\224780\binaries\win32\rogame.exe
FirewallRules: [{4CB97E5C-6E07-4534-AD4E-A4E086A4085E}] => (Allow) F:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{B7803FF1-13C0-47DE-A28F-4CA96D1018C6}] => (Allow) F:\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{AE9BDDC7-28CC-4C93-B08D-A3316AAA3D58}] => (Allow) F:\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{39D952C9-6E59-4B79-BCBC-323D2FB0F4F3}] => (Allow) F:\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{19A0A5A0-C133-4340-BE70-F69B29423DB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6A3260DF-9FF8-41E9-99AD-DE7139DF12AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F969F383-7496-4C41-9CA4-050589E5BD0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E2BB630A-B5F8-46F3-A502-4756D7931E3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{DC73644C-9EF3-4820-A01F-82BB7BC5828E}F:\steam\steamapps\common\battlefield 2\prbf2.exe] => (Allow) F:\steam\steamapps\common\battlefield 2\prbf2.exe
FirewallRules: [UDP Query User{2B2FB375-2A5D-49BC-9F90-C9A29C1119FC}F:\steam\steamapps\common\battlefield 2\prbf2.exe] => (Allow) F:\steam\steamapps\common\battlefield 2\prbf2.exe
FirewallRules: [{8BB40840-5C29-44C1-9D3B-3D8C24FE3D17}] => (Block) F:\steam\steamapps\common\battlefield 2\prbf2.exe
FirewallRules: [{75247056-99B1-44B3-83BC-5A913D858D4C}] => (Block) F:\steam\steamapps\common\battlefield 2\prbf2.exe
FirewallRules: [{A0D32F31-9378-4C4F-BCB5-20EC41C14A05}] => (Allow) F:\The Hunter\launcher\launcher.exe
FirewallRules: [{5CEBC078-DC85-4FF6-BE52-D64267F7C1D2}] => (Allow) F:\The Hunter\launcher\launcher.exe
FirewallRules: [{8E2CCAD1-C704-4A34-B1A3-8C309BFE21CC}] => (Allow) F:\Steam\steamapps\common\Battlefield 2\prbf2.exe
FirewallRules: [{A0F588AE-8FE3-4A94-B9B4-7B166BF9440A}] => (Allow) F:\Steam\steamapps\common\Battlefield 2\mods\pr\bin\PRLauncher.exe
FirewallRules: [{20389FF4-1EC5-47F2-894B-C7676A4FFCCF}] => (Allow) F:\Steam\steamapps\common\Battlefield 2\mods\pr\bin\PRUpdater.exe
FirewallRules: [{BEDCA16D-44D6-4D39-BC4C-788ED423A100}] => (Allow) F:\Steam\steamapps\common\Battlefield 2\mods\pr\bin\PRMumble\PRMumble.exe
FirewallRules: [TCP Query User{E94F04D9-4C13-4536-B00C-27845CF9DBED}P:\iracing remote date\irdualserver.exe] => (Allow) P:\iracing remote date\irdualserver.exe
FirewallRules: [UDP Query User{5AEF362F-BF46-42D2-B34E-A573C97246EB}P:\iracing remote date\irdualserver.exe] => (Allow) P:\iracing remote date\irdualserver.exe
FirewallRules: [{C78D2052-4E57-46FF-B374-4A8B1BF402FD}] => (Block) P:\iracing remote date\irdualserver.exe
FirewallRules: [{8D38CCA0-8ED6-4C0E-845E-C1E56D7A0B65}] => (Block) P:\iracing remote date\irdualserver.exe
FirewallRules: [TCP Query User{2C54D15D-33F5-441D-9F67-B3821F5AF63A}F:\the hunter\game\thehunter.exe] => (Allow) F:\the hunter\game\thehunter.exe
FirewallRules: [UDP Query User{3AE911EE-5A1D-44B9-A5AD-C17FD43C879A}F:\the hunter\game\thehunter.exe] => (Allow) F:\the hunter\game\thehunter.exe
FirewallRules: [{75E62CFE-513F-4D80-A4FA-5FE786122476}] => (Block) F:\the hunter\game\thehunter.exe
FirewallRules: [{A1EB7C2D-7F85-4608-9F05-6FA88B19B71D}] => (Block) F:\the hunter\game\thehunter.exe
FirewallRules: [TCP Query User{D2411FA8-E49C-41FE-9A3A-E46A5CCED607}F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{7B4B3BA4-1ECE-4E15-A2EF-DEE02DD501A0}F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{DAB5FDE0-14B7-4847-8B5C-D35A0CE46460}] => (Block) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{85087F4E-75DA-4C0A-BA82-1EC5808761AF}] => (Block) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{A1F84806-BFFD-454E-991C-91DEC004C621}] => (Allow) F:\Steam\SteamApps\cplcharlie\source sdk base 2007\hl2.exe
FirewallRules: [{DCA864B5-0662-4A85-B372-91A1995C693F}] => (Allow) F:\Steam\SteamApps\cplcharlie\source sdk base 2007\hl2.exe
FirewallRules: [{FE9E3439-157A-4249-8E96-ECC585EE0BCF}] => (Allow) F:\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{9A2743E6-0BDD-4E48-A9B7-8C8EA9433735}] => (Allow) F:\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [TCP Query User{CCD33A20-5EB9-4ACB-A2C9-55DD54F1CF4C}F:\origin games\dead space\dead space.exe] => (Allow) F:\origin games\dead space\dead space.exe
FirewallRules: [UDP Query User{9A22AC85-B850-4B3D-A878-D78C5016FFE8}F:\origin games\dead space\dead space.exe] => (Allow) F:\origin games\dead space\dead space.exe
FirewallRules: [{A0B52394-19B5-4A5A-9EC5-5CA72790B11B}] => (Block) F:\origin games\dead space\dead space.exe
FirewallRules: [{0B03D3AF-8866-410F-AC11-6659E30C8BC0}] => (Block) F:\origin games\dead space\dead space.exe
FirewallRules: [TCP Query User{65AFBAA3-EEBE-4BD2-B5A8-BF7E474B8E71}F:\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) F:\origin games\crysis 2 maximum edition\bin32\crysis2.exe
FirewallRules: [UDP Query User{A86B5954-9502-4613-AF8C-31DE97D03651}F:\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) F:\origin games\crysis 2 maximum edition\bin32\crysis2.exe
FirewallRules: [{0E3341C1-6F1F-49B6-999B-927225FC508C}] => (Block) F:\origin games\crysis 2 maximum edition\bin32\crysis2.exe
FirewallRules: [{0B2773CC-CE7F-4E39-81B9-64931E1613C3}] => (Block) F:\origin games\crysis 2 maximum edition\bin32\crysis2.exe
FirewallRules: [TCP Query User{C52F6190-0B5D-4046-949D-DBBB025523C1}F:\kart\kart.exe] => (Allow) F:\kart\kart.exe
FirewallRules: [UDP Query User{99BF19CC-14B0-47AA-A556-A4898128F6F1}F:\kart\kart.exe] => (Allow) F:\kart\kart.exe
FirewallRules: [{74ACC5D4-5490-4649-BF61-79025D6F00F2}] => (Block) F:\kart\kart.exe
FirewallRules: [{CB769837-0438-472B-96D9-A767B54504C1}] => (Block) F:\kart\kart.exe
FirewallRules: [TCP Query User{64239471-BCA9-4D83-9A16-B97E1BFA19CD}P:\avchd\avchdcoder.exe] => (Allow) P:\avchd\avchdcoder.exe
FirewallRules: [UDP Query User{9EB45CB5-6DBF-42D9-85FE-319B4D1ED927}P:\avchd\avchdcoder.exe] => (Allow) P:\avchd\avchdcoder.exe
FirewallRules: [{F2147BEF-6D6F-4F09-B493-A8520E49F0B0}] => (Block) P:\avchd\avchdcoder.exe
FirewallRules: [{876B324A-862B-4A33-9635-C73CD81254D4}] => (Block) P:\avchd\avchdcoder.exe
FirewallRules: [TCP Query User{B32E9EF9-E4EE-40A9-BD8A-9A1924506B39}P:\vlcmkvbleep\osmo4.exe] => (Allow) P:\vlcmkvbleep\osmo4.exe
FirewallRules: [UDP Query User{AC98AAF4-B384-45AB-B3F0-E6BCB077AA5E}P:\vlcmkvbleep\osmo4.exe] => (Allow) P:\vlcmkvbleep\osmo4.exe
FirewallRules: [{521AFE27-CD14-4FE0-9761-0DDF16854DD4}] => (Block) P:\vlcmkvbleep\osmo4.exe
FirewallRules: [{36772CC8-C15F-4008-877B-6B5328451BF3}] => (Block) P:\vlcmkvbleep\osmo4.exe
FirewallRules: [{E55DEA8B-3E69-428B-8BC9-ED1F7BE9202F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{FF24E1AD-CCB6-4D5F-9027-22B2EDD57A2F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{2DB2B967-1964-4C5F-AEA5-1C1AE426601E}F:\simraceway\simracewaygame.exe] => (Allow) F:\simraceway\simracewaygame.exe
FirewallRules: [UDP Query User{8BA716B3-EAAB-4054-83DE-0FB15EF226DC}F:\simraceway\simracewaygame.exe] => (Allow) F:\simraceway\simracewaygame.exe
FirewallRules: [{2B44A13A-7A31-4A17-A19B-C882F820B9FA}] => (Block) F:\simraceway\simracewaygame.exe
FirewallRules: [{B053D892-B22D-40C4-9B12-010572C742F4}] => (Block) F:\simraceway\simracewaygame.exe
FirewallRules: [{0A07AB17-339B-4433-A64E-8F4DF4C68822}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin32\SNOW.exe
FirewallRules: [{90538345-535A-4CC0-A1DF-096349CFDF2D}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin32\SNOW.exe
FirewallRules: [{BF9D5C3C-82F7-4B42-8FAD-1FEE6F2AFD51}] => (Allow) F:\Dead Rising 2\deadrising2.exe
FirewallRules: [{D362A521-0391-4EDB-BFF7-1559BC820D54}] => (Allow) F:\Dead Rising 2\deadrising2.exe
FirewallRules: [{74286915-4C09-4C21-A33C-7DEC6A96BD03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0A0181FC-D40F-4126-9BC2-9C181BC74CB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E32F8833-B9E5-4A0E-AB7C-215DF126B0D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{2069D739-2E61-48AB-A6E6-6ED8A8BF9AC5}F:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [UDP Query User{86A08273-E679-4F72-AB73-41A9F2F119AC}F:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) F:\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{85EAD712-FE81-4D64-8FEC-99C5CC940CA4}] => (Block) F:\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [{1F7DF8DF-0C88-4447-8393-48E2C5D5A297}] => (Block) F:\steam\steamapps\common\assettocorsa\acs.exe
FirewallRules: [TCP Query User{7D0AEA5A-6DA7-4892-ACFB-94DF0799FDEE}P:\enduhud-alpha6\enduhud.exe] => (Allow) P:\enduhud-alpha6\enduhud.exe
FirewallRules: [UDP Query User{263D5C35-E192-48EB-9E3B-EE5852B490FE}P:\enduhud-alpha6\enduhud.exe] => (Allow) P:\enduhud-alpha6\enduhud.exe
FirewallRules: [{56B3C134-7D80-4F7D-B19C-8AE25811DDE3}] => (Block) P:\enduhud-alpha6\enduhud.exe
FirewallRules: [{E7A8D2E7-34A3-47F4-82DD-40A9DAE5489D}] => (Block) P:\enduhud-alpha6\enduhud.exe
FirewallRules: [{875D7D7F-6ED5-44DA-AD01-11ABB38213CA}] => (Allow) F:\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{DF86E5E3-62DE-48F6-A18F-A0CC182B07B7}] => (Allow) F:\Origin Games\Medal of Honor Warfighter\MOHW.exe
FirewallRules: [{B6023D5A-6ACB-4C3A-84BE-B25D7F6F9BE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D91D6593-FAAB-4A3C-AB74-C706735C4519}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{131114E9-0FF5-45F4-826D-F24AF12908FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4C3C72BD-7C8D-46B8-9385-B9BEA608505F}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{ABF225BB-ABBA-4B51-A906-1431099212AF}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{52B507CF-2FA6-4E8A-A7B0-70583C8ADF5F}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{B2F9675E-B335-4550-A3CD-EFB261EAD322}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{26DE110E-32D8-4DBF-AA26-95F7A13E6DD0}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{552FE2F3-6EA7-46D2-BFFD-826679948E90}] => (Allow) F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3149F6C4-7ACD-4F0E-9381-89A687E305D4}] => (Allow) F:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{1EEEAC08-43D1-4A2D-AB73-54A046752C70}] => (Allow) F:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{37DC6AD4-C436-4E9E-A6C6-DD925FA61CED}] => (Allow) F:\Steam\SteamApps\common\defcon\defcon.exe
FirewallRules: [{5B18C32D-4F66-475F-8F4D-C840EBB77BC9}] => (Allow) F:\Steam\SteamApps\common\defcon\defcon.exe
FirewallRules: [{32FE1268-AB8F-4B43-97CF-E48B89B508CD}] => (Allow) F:\Steam\SteamApps\common\sniper elite\SniperElite.exe
FirewallRules: [{B4314C6D-5994-4FF3-97E7-8D99EDA3156D}] => (Allow) F:\Steam\SteamApps\common\sniper elite\SniperElite.exe
FirewallRules: [{FB2B2154-ED57-4C7F-BAD7-1DFEBF312CE9}] => (Allow) F:\Steam\SteamApps\common\stalker shadow of chernobyl\bin\XR_3DA.exe
FirewallRules: [{7C469637-C2A6-49E2-BC9D-66A6E2C19C3F}] => (Allow) F:\Steam\SteamApps\common\stalker shadow of chernobyl\bin\XR_3DA.exe
FirewallRules: [{ADCE07F9-F461-4AE3-9580-1B3DD6FE5A6F}] => (Allow) F:\Steam\SteamApps\common\Full Spectrum Warrior\Launcher.exe
FirewallRules: [{1B258EB0-3C9D-493E-9FB2-E76E66834EE2}] => (Allow) F:\Steam\SteamApps\common\Full Spectrum Warrior\Launcher.exe
FirewallRules: [{BCE12B6A-97AC-4B57-B04E-82A4A0039CC3}] => (Allow) F:\Steam\SteamApps\common\Full Spectrum Warrior\help.htm
FirewallRules: [{18F20AC7-7646-4D66-917F-721F2A996FEF}] => (Allow) F:\Steam\SteamApps\common\Full Spectrum Warrior\help.htm
FirewallRules: [{952ADD3D-891D-49B8-AB55-EA0CDC8F8E9C}] => (Allow) F:\Steam\SteamApps\common\Full Spectrum Warrior Ten Hammers\fsw2.exe
FirewallRules: [{3A51D9A4-2BC9-4660-89A2-10A041FA0F9A}] => (Allow) F:\Steam\SteamApps\common\Full Spectrum Warrior Ten Hammers\fsw2.exe
FirewallRules: [{FE688E4A-D37F-482F-BD1E-065FE12F43CF}] => (Allow) F:\Steam\SteamApps\common\Full Spectrum Warrior Ten Hammers\help.htm
FirewallRules: [{B7104224-9241-411F-8BBF-F5CA3A8DFCF7}] => (Allow) F:\Steam\SteamApps\common\Full Spectrum Warrior Ten Hammers\help.htm
FirewallRules: [{A5FE8EF2-066D-488C-9835-EC5AE05C7B0C}] => (Allow) F:\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{59ECCDF6-7655-4233-A0FD-D198C1C6AACE}] => (Allow) F:\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{365FCE86-BDBD-4E77-A348-980266119FF3}] => (Allow) F:\Steam\SteamApps\common\hitman 2 silent assassin\hitman2.exe
FirewallRules: [{3049A473-AA08-48CC-B91F-F502C071DD82}] => (Allow) F:\Steam\SteamApps\common\hitman 2 silent assassin\hitman2.exe
FirewallRules: [{E90B1945-6145-43BA-A965-321DE86525B4}] => (Allow) F:\Steam\SteamApps\common\hitman 2 silent assassin\config.exe
FirewallRules: [{AE324B45-CF53-47AB-89BC-7F89E311B4E7}] => (Allow) F:\Steam\SteamApps\common\hitman 2 silent assassin\config.exe
FirewallRules: [{565B3A46-0B89-4564-9B1D-EA7734F6D827}] => (Allow) F:\Steam\SteamApps\common\hitman blood money\hitmanbloodmoney.exe
FirewallRules: [{4BB5FA67-D73C-4A2A-A916-88D25EF0F538}] => (Allow) F:\Steam\SteamApps\common\hitman blood money\hitmanbloodmoney.exe
FirewallRules: [{B940249A-134A-4A76-8F9E-C9E3B43EF38B}] => (Allow) F:\Steam\SteamApps\common\hitman blood money\configure.exe
FirewallRules: [{40A72CFF-72E9-4D11-ABDF-82FF241E5B7F}] => (Allow) F:\Steam\SteamApps\common\hitman blood money\configure.exe
FirewallRules: [{0077996D-69DC-4343-B699-1284A7976E2E}] => (Allow) F:\Steam\SteamApps\common\hitman codename 47\Hitman.Exe
FirewallRules: [{9E8C8B9B-D1DB-45A4-B004-BDB8AEBA8343}] => (Allow) F:\Steam\SteamApps\common\hitman codename 47\Hitman.Exe
FirewallRules: [{36019C1D-BB55-446B-9F1E-9E68345F0CD2}] => (Allow) F:\Steam\SteamApps\common\hitman codename 47\Setup.exe
FirewallRules: [{41A9217F-F1D4-4857-A89D-AFDB82F6225D}] => (Allow) F:\Steam\SteamApps\common\hitman codename 47\Setup.exe
FirewallRules: [{B912A667-1C24-4922-AADC-BAEFB1EFA7E6}] => (Allow) F:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{237336BC-3C14-423E-84E5-EE0C4730FA1B}] => (Allow) F:\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{C4ADB5DE-F6D7-4410-A7E2-E57B3E775EA5}] => (Allow) F:\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{72BBD368-1721-496E-80B7-B5C11BF5E99E}] => (Allow) F:\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{28DD7864-397D-45EA-B74F-B875FE74A6BC}] => (Allow) F:\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{1220AAEC-D08F-481B-A37E-A2C947B19966}] => (Allow) F:\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{53CDF9DB-FAFF-4C8F-B13B-081ADCB2EE8D}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base1\dosbox.exe
FirewallRules: [{B50F5DD3-C544-48EB-A97D-D2E3D45C2161}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base1\dosbox.exe
FirewallRules: [{364F88D5-473C-47BF-A162-8F8B5C4EAF2B}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base2\dosbox.exe
FirewallRules: [{61545EA5-7E1D-4EAA-A1C3-7245A982EB97}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base2\dosbox.exe
FirewallRules: [{76B6D918-7412-4856-A6A9-4BE49B1A080B}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base3\dosbox.exe
FirewallRules: [{679F5D77-FCAD-4B1F-85B2-635C18345BF6}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base3\dosbox.exe
FirewallRules: [{FEF0EE1E-1E56-49DA-8FCB-484E7A773574}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base4\dosbox.exe
FirewallRules: [{25E865E8-9BD8-43BB-B73A-708F3C2E9B63}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base4\dosbox.exe
FirewallRules: [{D8054200-1BA2-4C33-9736-86C05A706272}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base5\dosbox.exe
FirewallRules: [{2E2E4279-A08A-4C74-8E3E-32A81EB30283}] => (Allow) F:\Steam\SteamApps\common\Commander Keen\base5\dosbox.exe
FirewallRules: [{705B9354-8D58-471D-AA43-08A28CA78F12}] => (Allow) F:\Steam\SteamApps\common\operations flashpoint dragon rising - demo\OFDR Demo.exe
FirewallRules: [{F88CEC62-0AD8-4803-93D0-9F5C841EFFE1}] => (Allow) F:\Steam\SteamApps\common\operations flashpoint dragon rising - demo\OFDR Demo.exe
FirewallRules: [{A2135509-171A-40A5-8A83-BAA9A8A99610}] => (Allow) F:\Steam\SteamApps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{ECD4CFD0-815B-4E8A-8E52-A155D5445263}] => (Allow) F:\Steam\SteamApps\common\america's army 3\Binaries\AA3Loader.exe
FirewallRules: [{B390DE3E-C159-4A25-9D5C-E05767BD7A88}] => (Allow) F:\Steam\SteamApps\common\rainbow six vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{114DE360-2B57-46BC-90A5-9131A7BA8716}] => (Allow) F:\Steam\SteamApps\common\rainbow six vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{D0EDF8BF-ED79-4D0E-AB23-AFF11BE9EFF2}] => (Allow) F:\Steam\SteamApps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe
FirewallRules: [{30B8AB46-FC1D-4BAB-9CB0-0641E6380EF6}] => (Allow) F:\Steam\SteamApps\common\aaaaaaaaaaaaaaaaaaaaaaaaa!!!\main.exe
FirewallRules: [{94FC3E5D-EBA2-450D-ABD3-AC135365EB73}] => (Allow) F:\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{B36AD8DC-79F6-4394-BAA5-915CB5E0988A}] => (Allow) F:\Steam\SteamApps\common\mirrors edge\Binaries\MirrorsEdge.exe
FirewallRules: [{3B3867FE-5939-4D4F-B720-825C1F452489}] => (Allow) F:\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{919A0918-EB7A-4CBD-BD9A-13E2885EE4AA}] => (Allow) F:\Steam\SteamApps\common\mirrors edge\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{A7514511-B0AB-456E-8F63-CF131D445D44}] => (Allow) F:\Steam\SteamApps\common\shattered_horizon\client_exe\shattered_horizon.exe
FirewallRules: [{D796B378-5309-4E53-AA2C-4EB7D7E751B0}] => (Allow) F:\Steam\SteamApps\common\shattered_horizon\client_exe\shattered_horizon.exe
FirewallRules: [{9793C0E9-8A72-4B70-8226-558B24AC0286}] => (Allow) F:\Steam\SteamApps\common\zero gear\ZeroGear.bat
FirewallRules: [{7DE4B8DC-F22B-40FD-B26C-CC1752EC552C}] => (Allow) F:\Steam\SteamApps\common\zero gear\ZeroGear.bat
FirewallRules: [{46751AFC-9DC5-4E22-A87B-A9E3D4CBEFE3}] => (Allow) F:\Steam\SteamApps\common\company of heroes\RelicCOH.exe
FirewallRules: [{A2838B7C-595D-4FAB-B43B-D34FB3E40978}] => (Allow) F:\Steam\SteamApps\common\company of heroes\RelicCOH.exe
FirewallRules: [{4BB85B44-07A9-4006-9CEE-700FFDA08044}] => (Allow) F:\Steam\SteamApps\common\red faction ii\Red Faction II.exe
FirewallRules: [{910DA342-75FE-4613-9FC7-EEE5D035B778}] => (Allow) F:\Steam\SteamApps\common\red faction ii\Red Faction II.exe
FirewallRules: [{3E99504C-49AA-48BA-A173-F58EC1F67374}] => (Allow) F:\Steam\SteamApps\common\battlefield 2\BF2.exe
FirewallRules: [{F5AAA51A-2D08-4D3E-80CB-792E4C68A7C0}] => (Allow) F:\Steam\SteamApps\common\battlefield 2\BF2.exe
FirewallRules: [{801174DB-EDD8-42BF-9E41-D6D8CA860271}] => (Allow) F:\Steam\SteamApps\common\battlefield 2\support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D1617F19-86DE-4F26-B085-C25BD00E9A2F}] => (Allow) F:\Steam\SteamApps\common\battlefield 2\support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{EFE5D8D2-F917-42AC-9992-D92E46BFB6D5}] => (Allow) F:\Steam\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{9F4B3284-7D15-44A9-825A-88ED3DCDEDD0}] => (Allow) F:\Steam\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{7B449EA4-C3B7-4917-B43C-9BB6B7CE8092}] => (Allow) F:\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{A491D3C2-55F0-4BFB-B397-8FE21362DE67}] => (Allow) F:\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{2A895519-59D4-4852-AC22-6FED3E65D6BA}] => (Allow) F:\Steam\SteamApps\common\assassin's creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{26B09B22-CE37-40D4-9F10-2513A6D9BDDE}] => (Allow) F:\Steam\SteamApps\common\assassin's creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{29205697-888A-4B8D-99F7-284DF91B7FA2}] => (Allow) F:\Steam\SteamApps\common\from dust\From_Dust.exe
FirewallRules: [{8840A809-8B3B-4922-A9CE-1E00D7B178D5}] => (Allow) F:\Steam\SteamApps\common\from dust\From_Dust.exe
FirewallRules: [{022B02FF-2389-419E-B385-FC27C171B0D6}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{D87E476E-81EE-4DBF-AAD0-9FDA6E5A1DDA}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\data\encyclopedia\how_to_play.html
FirewallRules: [{1F57B837-2F99-41F2-A5B1-808C1E2790B2}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{9C80146D-C98D-492F-89FB-C3C5EBCB1D08}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_current_settings.bat
FirewallRules: [{0B6F362D-B178-4E8C-9123-676C55580D7B}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{EBE4EB56-00F3-4AB4-9862-339978946CC3}] => (Allow) F:\Steam\SteamApps\common\Total War SHOGUN 2\benchmarks\benchmark_specify_properties.bat
FirewallRules: [{70CB9D22-2198-4392-891E-AC304C92D762}] => (Allow) F:\Steam\SteamApps\common\sniper ghost warrior\Sniper_x86.exe
FirewallRules: [{19598849-F61B-4846-8DB3-0888E73EB071}] => (Allow) F:\Steam\SteamApps\common\sniper ghost warrior\Sniper_x86.exe
FirewallRules: [{DE162902-5D3F-40EB-B84F-A62758F4B4A8}] => (Allow) F:\Steam\SteamApps\common\red orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{4CED17AF-A681-41CD-9DBC-7DDF741159DA}] => (Allow) F:\Steam\SteamApps\common\red orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{443CCF91-9C49-4BFB-97F4-00868072783E}] => (Allow) F:\Steam\SteamApps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{CEAD8135-BECD-4D1B-B24D-B292EEE13E72}] => (Allow) F:\Steam\SteamApps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{8BF937CF-E3E7-4CFE-ABBC-0CE79E0B2CB6}] => (Allow) F:\Steam\SteamApps\common\metro 2033\metro2033.exe
FirewallRules: [{10D96F94-4561-4A0C-AC6C-A797FB0CF480}] => (Allow) F:\Steam\SteamApps\common\metro 2033\metro2033.exe
FirewallRules: [{183FFD94-A093-4087-9AB1-92A53F6EF3DD}] => (Allow) F:\Steam\SteamApps\common\assassins creed brotherhood\ACBSP.exe
FirewallRules: [{5575B045-A8D2-4A1A-BA0E-F3EF90132FB1}] => (Allow) F:\Steam\SteamApps\common\assassins creed brotherhood\ACBSP.exe
FirewallRules: [{A3373209-011C-4051-8382-B9A4C62D507A}] => (Allow) F:\Steam\SteamApps\common\anno 2070\Anno5.exe
FirewallRules: [{F8074CC4-EE98-43DB-86B0-9A12BC6C7C4A}] => (Allow) F:\Steam\SteamApps\common\anno 2070\Anno5.exe
FirewallRules: [{74C3E478-B8A7-4BB8-B1E8-C8324A795B75}] => (Allow) F:\Steam\SteamApps\common\mountblade warband\mb_warband.exe
FirewallRules: [{75E6EA30-8403-4ADA-B007-2587A583489B}] => (Allow) F:\Steam\SteamApps\common\mountblade warband\mb_warband.exe
FirewallRules: [{308CB2C8-930F-4647-8833-00121928E029}] => (Allow) F:\Steam\SteamApps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{D04AA221-B0EB-43DB-85F8-EAD6ACBFC156}] => (Allow) F:\Steam\SteamApps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{D0E43730-AC0C-4A82-80F5-C6B47401C41D}] => (Allow) F:\Steam\SteamApps\common\dcs a-10c warthog\bin\Run.exe
FirewallRules: [{A6E3D491-A7BD-4602-860C-507194F6F826}] => (Allow) F:\Steam\SteamApps\common\dcs a-10c warthog\bin\Run.exe
FirewallRules: [{D951572E-8138-409D-B79C-8A2EC8FE6D8F}] => (Allow) F:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{2D18FC30-EAB3-4D32-9107-C83384398887}] => (Allow) F:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{DB957523-26BD-4C35-8BCB-0EAC2963A59C}] => (Allow) F:\Steam\SteamApps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe
FirewallRules: [{3A67A413-89E2-49A2-AFF4-513E640D081F}] => (Allow) F:\Steam\SteamApps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe
FirewallRules: [{E1FBE873-2097-4921-9F0A-F4030E978CD5}] => (Allow) F:\Steam\SteamApps\common\warincbattlezone\RSUpdate.exe
FirewallRules: [{B5C87C02-06CA-46B3-9D9D-8D8E8D2A3553}] => (Allow) F:\Steam\SteamApps\common\warincbattlezone\RSUpdate.exe
FirewallRules: [{8A2D68B2-F76A-40C7-8A71-DE565DC48586}] => (Allow) F:\Steam\SteamApps\common\realm of the mad god\Realm of the Mad God.exe
FirewallRules: [{41B44623-4C6D-48C2-941F-1438435F3CB3}] => (Allow) F:\Steam\SteamApps\common\realm of the mad god\Realm of the Mad God.exe
FirewallRules: [{8BC8F6BD-5B01-40C5-AA3E-853990EE8AB9}] => (Allow) F:\Steam\SteamApps\common\cities xl 2012\CitiesXL_2012.exe
FirewallRules: [{71293B4B-ECC1-47A0-9FEE-0FBFF26BFD4B}] => (Allow) F:\Steam\SteamApps\common\cities xl 2012\CitiesXL_2012.exe
FirewallRules: [{7809CB3D-8549-497E-BEB1-A046E180B640}] => (Allow) F:\Steam\SteamApps\common\assassin's creed revelations\ACRSP.exe
FirewallRules: [{CCA77F03-0230-451A-855C-E6DB39DDEB12}] => (Allow) F:\Steam\SteamApps\common\assassin's creed revelations\ACRSP.exe
FirewallRules: [{44AE88E7-4896-4EED-ADCB-970F87EE0101}] => (Allow) F:\Steam\SteamApps\common\assassin's creed revelations\ACRMP.exe
FirewallRules: [{9D7761B4-6A05-408F-A749-0CB2D2F60134}] => (Allow) F:\Steam\SteamApps\common\assassin's creed revelations\ACRMP.exe
FirewallRules: [{289F7FC6-B136-4FD7-B6DD-161E2024816A}] => (Allow) F:\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe
FirewallRules: [{7460A9F5-3144-44F5-9407-88C67B5B6919}] => (Allow) F:\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe
FirewallRules: [{8C0ECE35-F073-492E-A437-E4454F2982AD}] => (Allow) F:\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{1F93A477-816A-4791-AE20-A7DD29926ED6}] => (Allow) F:\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{AE4B4414-BDC8-4D7D-AF22-F79783193E30}] => (Allow) F:\Steam\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{AD8CED0B-D467-4124-B8DB-949B6231E610}] => (Allow) F:\Steam\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{3798A926-D4B8-40E9-80D9-93805F698431}] => (Allow) F:\Steam\SteamApps\common\F1 2012\F1_2012.exe
FirewallRules: [{E1B11C35-8F73-4B0F-9A82-540C0EFF03BF}] => (Allow) F:\Steam\SteamApps\common\F1 2012\F1_2012.exe
FirewallRules: [{99E02A8D-059B-4A99-86D4-F5FAF0083768}] => (Allow) F:\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{8FFE15B6-C568-4412-A60C-DA611BD8A032}] => (Allow) F:\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{30C9C4F9-EADD-470C-9379-BD1D03EED246}] => (Allow) F:\Steam\SteamApps\common\sniper elite v2 demo\bin\SniperEliteV2Demo.exe
FirewallRules: [{DC17A5C9-E2E7-401A-AEE4-506BA30911A4}] => (Allow) F:\Steam\SteamApps\common\sniper elite v2 demo\bin\SniperEliteV2Demo.exe
FirewallRules: [{2C950835-F6E5-465B-8619-60E8741EC626}] => (Allow) F:\Steam\SteamApps\common\XCom-Enemy-Unknown-Demo\Binaries\Win32\XComGame.exe
FirewallRules: [{4EB4034A-AFA1-4760-9952-45A62A13453B}] => (Allow) F:\Steam\SteamApps\common\XCom-Enemy-Unknown-Demo\Binaries\Win32\XComGame.exe
FirewallRules: [{6ADDECC1-49AA-41B7-8B3C-06FC163C0160}] => (Allow) F:\Steam\SteamApps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{08028274-88BD-48CD-9BA7-3B59FC190B9D}] => (Allow) F:\Steam\SteamApps\common\BrutalLegend\BrutalLegend.exe
FirewallRules: [{370CB79B-CF05-42EB-B839-9AF0B8A8485F}] => (Allow) F:\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{1C030E59-342C-4468-929A-2F64E5482032}] => (Allow) F:\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{389F657E-C58D-4D99-9CF3-0DCA0FE203A7}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2D6F3DF7-DEDA-4619-8C2E-DBF9C41DEDC3}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{D54EDF44-B373-43F8-B968-B46E4AB60AE9}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C53966DF-971A-4D9A-9FB8-68090EE0AD5C}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{2BC72A47-0E95-4CE7-9B48-E5A96142A3E9}] => (Allow) F:\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{9B1C1C05-42CD-44ED-A7C7-CD878D4D0A49}] => (Allow) F:\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{6DC67115-A19C-4A46-91FC-4BBAF152B321}] => (Allow) F:\Steam\SteamApps\common\Home\home-win-eng.exe
FirewallRules: [{8C5AF1A3-E0A7-4E03-AD7B-53A82EEDD65A}] => (Allow) F:\Steam\SteamApps\common\Home\home-win-eng.exe
FirewallRules: [{77E858FA-DA44-42F9-A9D3-5C945C906C49}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DEDE3216-818A-4804-99E7-64B76E32E29C}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4A7B0C6E-C63D-4149-968F-5A1D6EE764DF}] => (Allow) F:\Steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{EB14C0B9-1B34-4B62-9A32-15D92FCD94AF}] => (Allow) F:\Steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{75BB458D-E71B-47A5-B3CA-D4F84B3EB8C4}] => (Allow) F:\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{B1FE7EFC-D59C-44C7-89BF-34CA109C529B}] => (Allow) F:\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{9AB3BA35-E1F3-4E18-9B62-1ABBB040E364}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DC0E5DB3-F7A7-45BE-BFF1-1CCE614ACB32}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2DA544E1-ED21-4F6A-B819-146BE43963AA}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{030BB907-6875-4BCF-8289-049B66CDDCCF}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A2F7BDCB-15DA-4EB4-8C68-ED1159E66A49}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{185A253F-5371-4E4D-B5BA-C3BCE8419BF1}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0E91B830-F2F9-4846-A2C9-C05BE1474221}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{034037C4-E4B5-4A7C-979C-9A1EA6A16499}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{183DD94D-315A-4742-8DB1-E85C4B43210C}] => (Allow) F:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0DBE27BF-7801-4A22-980F-2A8F65E3BC1E}] => (Allow) F:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7EEE63FC-671D-4C07-BF9D-68A338389937}] => (Allow) F:\Steam\SteamApps\common\War of the Vikings\run_game.exe
FirewallRules: [{1007FF3D-9EEC-4EE8-B657-51FA10F9D14B}] => (Allow) F:\Steam\SteamApps\common\War of the Vikings\run_game.exe
FirewallRules: [{AB46E3F3-1077-42E2-9470-CCA87A477C87}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{276BE67A-1933-4F53-90BB-A76FFEBFE350}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{878EC301-6B39-42ED-A7F7-515E1A67F2E1}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{BA1AF093-8F8B-4F50-9D4A-4A70D8EC761C}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{20970B8A-D40E-460D-944A-AE8034E276D7}] => (Allow) F:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{3DFD3082-A007-40E9-92A1-10C399B7DAFA}] => (Allow) F:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{A7F23CB4-B36B-4F61-B4DB-80F4321CF076}] => (Allow) F:\Steam\SteamApps\common\mass effect\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{AB796207-5BFB-41F9-A63C-17F7A2168109}] => (Allow) F:\Steam\SteamApps\common\mass effect\docs\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{F6ADB13B-4F4F-4E6C-8630-E069324BE93A}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E2AEB007-7E73-4B46-82F9-C117B153FC80}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{22863367-20E6-4B44-9ACA-9AB0CC81232B}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9EBAE921-BF31-4141-AE2A-E2BB610EE8FE}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{66FF5544-30E1-481F-831A-CF0B213BFF1B}] => (Allow) F:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{35382CF3-6226-4533-9789-3E881A3809A9}] => (Allow) F:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{3AEF49BC-82FB-43F4-BF05-790E7B912E93}] => (Allow) F:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{2F49D53B-985C-4D69-AD98-08D97F0FB18F}] => (Allow) F:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{25F9D79A-913E-491F-B252-5365CD859901}] => (Allow) F:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BB89A162-1E52-4A55-ACF5-749CE4C1045F}] => (Allow) F:\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{3DD3CEC2-0C46-43D3-8B09-76940C7865B1}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BE8789A1-5153-4B06-897E-CD1C1BF5D67F}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{86D62082-3530-4B4B-B3C7-597B7089A647}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ECD484CA-07DF-4E9B-B033-388F670333FE}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F6BBEFCF-E4BB-4B46-AEA3-5B67B829C1E2}] => (Allow) F:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{DA30E630-7322-4867-BE45-67DC68D91387}] => (Allow) F:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{77E35BF5-5315-4DA9-BAE1-B8827ABF3D1D}] => (Allow) F:\Steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{32CC3C4E-B1D3-4BD3-A96C-30DCB8C46E55}] => (Allow) F:\Steam\SteamApps\common\nmrih\sdk\hl2.exe
FirewallRules: [{4FB7D91C-8A83-4C4C-AB1C-D615BC35103F}] => (Allow) F:\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{A95F2C90-9BE0-4D7D-BF03-0A8E001F76D9}] => (Allow) F:\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{8A0E57D4-D3EF-4C41-BFBD-F0F4A5971A57}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1BF65329-C3D5-4E11-803C-2EA623834291}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FB9882DA-3536-49B4-9AC7-4438E8FEAD76}] => (Allow) F:\Steam\SteamApps\common\crusader kings ii\ck2game.exe
FirewallRules: [{3A807114-F06C-4E44-A152-E9CF778396EB}] => (Allow) F:\Steam\SteamApps\common\crusader kings ii\ck2game.exe
FirewallRules: [{1F63BCEE-15EC-4998-B865-894D7681A2AE}] => (Allow) F:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{E4FD3B7A-6535-42BD-B514-2B27C055FAB4}] => (Allow) F:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{55301E29-6F9B-4848-8E48-990610051DAE}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F851FB5C-51A2-480C-AD5B-1BF6BFC35F05}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{58C84D16-BD8A-4247-98AD-D2A2040F0FA5}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{69C35BE7-BC4B-4498-8FFF-B713BDC4C4F9}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A4FBD9DE-37CB-4C2C-85F2-3F4BA757DAEB}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3F7EAA5F-EC91-43BE-8A6E-C10EB40FA8A3}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CEE71377-0993-46E8-968F-B8A0A191985F}] => (Allow) F:\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{666851ED-EAB9-4453-9E2F-57B11B82FAD1}] => (Allow) F:\Steam\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{DBDC238E-BA09-4D57-84E9-EA4679D27135}] => (Allow) F:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{44751ACB-CED4-4410-B166-419E9CE4648F}] => (Allow) F:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{9382936F-733E-4FA3-AA09-1E45F4FC967A}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{DA6A6444-6BF9-43FC-8697-74FAF93D3630}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{121DF6FD-9229-42C4-BA15-E6A13E5FE6D2}] => (Allow) F:\Steam\SteamApps\common\alan wake\AlanWake.exe
FirewallRules: [{7584C3BC-3288-4DC6-B3B2-139C6D0A9EB3}] => (Allow) F:\Steam\SteamApps\common\alan wake\AlanWake.exe
FirewallRules: [{1E8F4806-D2CB-4C8D-BAA1-4632B8428002}] => (Allow) F:\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{0C80985B-A1C2-4231-9550-650715E43AB2}] => (Allow) F:\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{7CA42833-F6B5-41DA-98C7-EC39321608E3}] => (Allow) F:\Steam\SteamApps\common\Project Zomboid Demo\ProjectZomboid64.exe
FirewallRules: [{71B51460-4055-45F2-9286-DAF1D476FBCA}] => (Allow) F:\Steam\SteamApps\common\Project Zomboid Demo\ProjectZomboid64.exe
FirewallRules: [{BDF01CB5-BDB3-47A8-9D3B-15B041D8791E}] => (Allow) F:\Steam\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{1ABBEF50-9074-4F13-949D-4EB3CCD47EA9}] => (Allow) F:\Steam\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{410212AD-B916-468B-8D0F-11E8AA3F9560}] => (Allow) F:\Steam\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{A5D14F06-EBC6-47B8-80A1-3C2C4F95BCFD}] => (Allow) F:\Steam\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{DC4C6480-1FC4-4FC6-A508-D0CD9D5AA835}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DA6B77B7-A61C-45F0-908B-8E13137AF491}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E32A9581-2976-431B-BFC2-80CC8D2E5562}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{94D4FB37-B012-4357-957F-72A6F8C24F05}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A3FFE25D-6D5D-490A-BF87-4E2EE05E7CA6}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FE92B06E-EC69-4832-80FE-C71483F9647A}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DFB850DE-D6B6-4611-9C3C-00EDAC031465}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{57D26F9B-1DF7-4777-9E76-0BA4EDFDDC54}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{4352C3C2-5F89-4ECB-9274-A1114AC3995F}] => (Allow) F:\Steam\SteamApps\common\crusader kings ii\ck2game.exe
FirewallRules: [{4D83A66B-068C-4328-8EB8-3C2151CFAE5E}] => (Allow) F:\Steam\SteamApps\common\crusader kings ii\ck2game.exe
FirewallRules: [{48E93039-B0B4-45FA-8989-87F6567547A7}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8867C817-0AE9-4AFC-B93B-6892B3D95B28}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{38168B96-3D7A-41BE-B372-224D08A3DCD9}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{647C872D-2F9E-4A1C-9CA1-E0448201AAC8}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{89970259-3B0F-4FE5-AC56-14155AAABA71}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2E6E25AC-959D-4BE3-870A-40F7C9777E60}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D7E07193-5D3A-4620-8BC1-1812BB7D01D7}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6A4F26CA-84BA-4D07-8BD9-24E80914DAF5}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{5F103BA3-99C2-44E2-B89F-1CF1AC58770B}F:\steam\steam.exe] => (Allow) F:\steam\steam.exe
FirewallRules: [UDP Query User{236CB72F-8DFB-4F4A-B425-C9081B421884}F:\steam\steam.exe] => (Allow) F:\steam\steam.exe
FirewallRules: [{6DA9F48C-287D-4469-88A6-9A93F265EF87}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7C103AF6-C63C-4B34-B854-CB0C4A1AF95D}] => (Allow) F:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{43B2598B-EED5-42AA-98B0-D4398BE09C65}] => (Allow) F:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{6A80A1A5-8915-433B-B70D-E7F5836CE266}] => (Allow) F:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{5E5259D6-66DE-4564-AA9F-41B83833AE52}F:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) F:\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{039E6DF0-C96E-459C-BAEB-4D5B8D181CF1}F:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) F:\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{47D09A8B-75A1-4EE8-B93E-5A22F44277C4}F:\steam\steamapps\common\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) F:\steam\steamapps\common\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [UDP Query User{59A3641F-D309-4F3B-ADFE-FC201BAE9FFF}F:\steam\steamapps\common\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) F:\steam\steamapps\common\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [TCP Query User{F040CDE3-CB3A-4E20-88EF-5C95A135AB4E}F:\steam\steamapps\common\snow\bin32\playsnow.exe] => (Allow) F:\steam\steamapps\common\snow\bin32\playsnow.exe
FirewallRules: [UDP Query User{FC59D3E5-F732-4F5A-9710-486AE5AD0E20}F:\steam\steamapps\common\snow\bin32\playsnow.exe] => (Allow) F:\steam\steamapps\common\snow\bin32\playsnow.exe
FirewallRules: [TCP Query User{7F0BD828-7369-4D3F-92DE-B7C78FEAD306}F:\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe] => (Allow) F:\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe
FirewallRules: [UDP Query User{9F76723D-CEA9-4FFB-9A4C-E62221A32CEA}F:\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe] => (Allow) F:\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe
FirewallRules: [{BB4BADEF-F452-402A-B969-E287D592960D}] => (Allow) F:\Heroes & Generals\live\hng.exe
FirewallRules: [{1E519B5B-8C2F-4CD8-B187-EF84B1217533}] => (Allow) F:\Heroes & Generals\live\hng.exe
FirewallRules: [TCP Query User{3B90DC47-4D80-4DE3-98E8-A52084B1DC5D}F:\steam\steamapps\common\nmrih\sdk\hl2.exe] => (Allow) F:\steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [UDP Query User{792FDC99-4E76-469E-BF1B-B37D0FA60DB7}F:\steam\steamapps\common\nmrih\sdk\hl2.exe] => (Allow) F:\steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [TCP Query User{BBFBE93D-0AB5-4A8C-990C-16D42B8546DD}F:\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe] => (Allow) F:\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [UDP Query User{EFD9E40F-E506-4207-9564-3ED7B0FB4E88}F:\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe] => (Allow) F:\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [TCP Query User{EB89C10E-C56C-4667-AD44-4DE8E9D74F7E}F:\steam\steamapps\common\tacticalintervention\bin\tacint.exe] => (Allow) F:\steam\steamapps\common\tacticalintervention\bin\tacint.exe
FirewallRules: [UDP Query User{ABAE82F1-1228-4E7D-9D9E-5BE662981C22}F:\steam\steamapps\common\tacticalintervention\bin\tacint.exe] => (Allow) F:\steam\steamapps\common\tacticalintervention\bin\tacint.exe
FirewallRules: [TCP Query User{0F2EC388-A167-4852-BFF2-CFE331F3600E}F:\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) F:\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [UDP Query User{400D3E9E-F0C1-4E32-B9B7-43F3386B647D}F:\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) F:\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [{7539D4C7-39BE-4480-98D3-9EE42308C1FD}] => (Allow) F:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{32FB3C37-44FE-414D-A21C-0961ED1AB507}] => (Allow) F:\Steam\SteamApps\common\Spiral Knights\java_vm\bin\javaw.exe
FirewallRules: [{17399B3D-93A3-47AB-B0BA-524CCB719B0A}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A2442783-F273-4F63-95DE-FA8E0277CEFA}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6AC9C12B-3602-447E-BD2A-33EF1EDCBDA8}] => (Allow) F:\Steam\SteamApps\common\Universe Sandbox\Universe Sandbox.exe
FirewallRules: [{FB43C615-CA44-48D2-82C9-33E6A6C47AD3}] => (Allow) F:\Steam\SteamApps\common\Universe Sandbox\Universe Sandbox.exe
FirewallRules: [{96DDF280-E789-4117-A487-DC71C766751C}] => (Allow) F:\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{7FB63092-DA03-4201-B26C-21C41553C0AE}] => (Allow) F:\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{A2813490-097D-4B3C-A4C5-2111D6EF5B5A}] => (Allow) F:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{79C04F24-3241-4C9E-AD80-E04A3B134DDC}] => (Allow) F:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{31B911EA-6FED-4F75-A647-49D1A2C46B09}] => (Allow) F:\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{EB1E0BA0-C98D-48BF-BB54-B873CFCBE130}] => (Allow) F:\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{AB8B0954-D2C6-43A0-B10C-D07CD7545528}] => (Allow) F:\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{9561A936-2F82-4E5D-B48A-76035D014412}] => (Allow) F:\Steam\SteamApps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{1B4C4944-7ED1-4BC9-AB77-B08E7E475914}] => (Allow) F:\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{FE9C79DC-76A3-48B5-99CB-7A04EBBBB4A3}] => (Allow) F:\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{DF7314C7-CC9D-47F4-8C47-D8A40741E638}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EC429A2E-AB2D-4300-8AD4-41D717D720C7}] => (Allow) F:\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1B7E9268-43C6-4A7C-9B57-E2337E7A5128}] => (Allow) F:\Steam\SteamApps\common\homefront\Binaries\HOMEFRONT.exe
FirewallRules: [{FD54AA7A-65D6-4E71-89FC-73E259AC2B00}] => (Allow) F:\Steam\SteamApps\common\homefront\Binaries\HOMEFRONT.exe
FirewallRules: [{DFAC33D6-4BC1-42B8-B0A0-0E8E03F63D11}] => (Allow) F:\Dark Souls\DARKSOULS.exe
FirewallRules: [{9D4DAC34-1553-4A5B-BD0E-37AACF8A77CC}] => (Allow) F:\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{1248E06B-AB59-4E9B-9DC1-C640CB59E019}] => (Allow) F:\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{FD5181CA-6692-48A6-BE3E-ACE0E32EED97}] => (Allow) F:\Steam\SteamApps\common\Operation Flashpoint Red River\RedRiverLauncher.exe
FirewallRules: [{A81CA3C8-5149-4B76-AAE9-A360739FD3E5}] => (Allow) F:\Steam\SteamApps\common\Operation Flashpoint Red River\RedRiverLauncher.exe
FirewallRules: [TCP Query User{C7FC06C5-64A5-42F0-94C5-A0FC98E8A939}F:\steam\steamapps\common\operation flashpoint red river\redriver.exe] => (Allow) F:\steam\steamapps\common\operation flashpoint red river\redriver.exe
FirewallRules: [UDP Query User{6B427893-7249-46D7-B70F-1FC53D38094B}F:\steam\steamapps\common\operation flashpoint red river\redriver.exe] => (Allow) F:\steam\steamapps\common\operation flashpoint red river\redriver.exe
FirewallRules: [{97EF943D-265C-42A0-B360-C2E409C98568}] => (Block) F:\steam\steamapps\common\operation flashpoint red river\redriver.exe
FirewallRules: [{B831C3E1-41C8-4F1B-92D8-73C933009817}] => (Block) F:\steam\steamapps\common\operation flashpoint red river\redriver.exe
FirewallRules: [{3E95F2AA-02CE-45B3-9900-43FDE18F9312}] => (Allow) F:\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{464AF2B9-80C2-4E9C-B9C4-2DABD0231EF0}] => (Allow) F:\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{B16FFAD4-0269-4A32-AA4B-A2A0B4276736}] => (Allow) F:\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{D51397A9-88CB-462C-A624-E2B85CCEC02E}] => (Allow) F:\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{3805CE84-9E8E-4DED-A2D2-B5A3238A48F9}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin32\playSNOW.exe
FirewallRules: [{C3ECB35C-E869-4D9B-A16E-15A4B3C866E3}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin32\playSNOW.exe
FirewallRules: [{D5B0144B-928E-4BF4-9651-F7BB2277DC63}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{85754441-554E-4BC9-A585-A16B5AC0A6D2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08FE24F6-E96B-454C-9214-06AE317399AD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{AC356C1C-B5CA-41BF-8C87-FCD4C382E6FD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{54A1174B-A74F-4786-9704-3562E00C1B9D}] => (Allow) C:\Users\MrDyll\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6A41F2E6-7D25-42E6-9A74-2D579A0C78BE}] => (Allow) C:\Users\MrDyll\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E7763723-6926-41FB-B84A-87A8CAEBEF16}] => (Allow) F:\Heroes & Generals\live\hng.exe
FirewallRules: [{20AD9F12-8F09-43F2-B77E-455BF82BD4D1}] => (Allow) F:\Heroes & Generals\live\hng.exe
FirewallRules: [TCP Query User{CCD9F297-8994-4004-B268-F8AEE01C4297}F:\hearthstone\hearthstone.exe] => (Allow) F:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{3052450D-E1D0-4969-AE96-EAFC7B7633AC}F:\hearthstone\hearthstone.exe] => (Allow) F:\hearthstone\hearthstone.exe
FirewallRules: [{A2A0F642-2C9C-4EED-9F33-8336755E60F3}] => (Block) F:\hearthstone\hearthstone.exe
FirewallRules: [{DE16F4BF-7775-45B7-8B6A-6D9B0470F557}] => (Block) F:\hearthstone\hearthstone.exe
FirewallRules: [{2C97792C-D32D-4BA2-8D73-52FE88CBC41E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C145226F-1BD7-4FA7-BC63-8C0ED25E059C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{161F3308-4E72-4B57-9A4C-4D58380571B3}F:\planetside 2\planetside2_x64.exe] => (Allow) F:\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{2448E1F6-C485-4F4B-B1B4-AB92806D388B}F:\planetside 2\planetside2_x64.exe] => (Allow) F:\planetside 2\planetside2_x64.exe
FirewallRules: [{1899284A-9B86-49BC-808C-CC94174FEB44}] => (Block) F:\planetside 2\planetside2_x64.exe
FirewallRules: [{979046E9-2462-491E-B9D1-45275D356579}] => (Block) F:\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{0410700C-6FBE-4DC0-AC0F-36A80AAC869F}F:\planetside 2\browsercontroller.exe] => (Allow) F:\planetside 2\browsercontroller.exe
FirewallRules: [UDP Query User{97FA5AD9-5EB2-4979-B3FC-27A420C24BBB}F:\planetside 2\browsercontroller.exe] => (Allow) F:\planetside 2\browsercontroller.exe
FirewallRules: [{62AF8E91-6D09-4CF1-95CC-FE325BBE5984}] => (Block) F:\planetside 2\browsercontroller.exe
FirewallRules: [{7111C364-98A1-46E5-AA35-CC647B2304E7}] => (Block) F:\planetside 2\browsercontroller.exe
FirewallRules: [TCP Query User{B7C3F6CB-19BC-49D7-93F7-41506B6ED2D9}F:\steam\steamapps\common\war thunder\aces.exe] => (Allow) F:\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{B86F3BE5-7EE9-4A5C-8B5B-C6407896FA60}F:\steam\steamapps\common\war thunder\aces.exe] => (Allow) F:\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{DAFFEA81-A5AD-4DA1-8023-E7A1A88B9E86}] => (Block) F:\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{A2C8F4CE-B31B-419F-8BAF-25E532C6CE6B}] => (Block) F:\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{FBC4B269-F03B-49BA-9A10-CE43446B46C4}] => (Allow) C:\Users\MrDyll\Downloads\UFC_Undisputed_3_PS3_KEYGEN_incl_CRACK_for_PS3_PC_2012_skidrow_exe_downloader.exe
FirewallRules: [{61C1FA3E-0465-4DBC-AD21-1EDF02AE2D5C}] => (Allow) C:\Users\MrDyll\Downloads\UFC_Undisputed_3_PS3_KEYGEN_incl_CRACK_for_PS3_PC_2012_skidrow_exe_downloader.exe
FirewallRules: [{5467AC59-52F0-4E40-97CD-AA0E0A21705D}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{692AE982-0385-4DC0-9AB3-77454AE660BE}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{C1932318-6385-48E5-9C1C-64A5177DC8E7}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{392A3B5D-E039-4B94-9A8A-7EFEB64E0BB5}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [TCP Query User{2546DB5D-30C1-49A1-8CA9-85FF2438CBD4}F:\steam\steamapps\common\shattered_horizon\server_exe\sh_server.exe] => (Allow) F:\steam\steamapps\common\shattered_horizon\server_exe\sh_server.exe
FirewallRules: [UDP Query User{84485C0B-8C2F-432B-A8EF-0D3009F2E2CE}F:\steam\steamapps\common\shattered_horizon\server_exe\sh_server.exe] => (Allow) F:\steam\steamapps\common\shattered_horizon\server_exe\sh_server.exe
FirewallRules: [{CFCFB1DA-184F-4DF1-8F2D-26A35352E173}] => (Block) F:\steam\steamapps\common\shattered_horizon\server_exe\sh_server.exe
FirewallRules: [{638F0FE6-394C-4739-A214-A7B99B8E555F}] => (Block) F:\steam\steamapps\common\shattered_horizon\server_exe\sh_server.exe
FirewallRules: [{450BE4A4-F8A7-458F-AFD0-811FED06B64E}] => (Allow) F:\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{EDC08445-2D24-4968-883B-FDE2569D3BED}] => (Allow) F:\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{892090FD-5963-415A-A6DB-A986957117C5}] => (Allow) F:\Steam\SteamApps\common\Tom Clancy's Ghost Recon Online\Launcher.exe
FirewallRules: [{427E6EF8-E900-46B7-AA27-AED4330A27F6}] => (Allow) F:\Steam\SteamApps\common\Tom Clancy's Ghost Recon Online\Launcher.exe
FirewallRules: [{C0C1C1F3-0F84-444A-82B3-8CA347983F5A}] => (Allow) F:\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{BC3339F7-C890-4E34-A042-9FECB4B1D107}] => (Allow) F:\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [TCP Query User{DCEAD492-CF07-4893-B768-338B0831043D}F:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe] => (Allow) F:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{DB1683F9-0369-441B-8AE3-567DC1A2BBC4}F:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe] => (Allow) F:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{FB082348-BD81-4679-BED3-EE8865B405C4}] => (Block) F:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{08242137-FAAC-42A4-B798-66998AAFBBEE}] => (Block) F:\steam\steamapps\common\tom clancy's ghost recon online\game\ncsa-live\ghostreconphantoms.exe
FirewallRules: [{E8080E25-6BCB-4C03-B64A-0FD4CEA05C36}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{1A2AF93D-BE22-4F72-951E-BC309641AFFC}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{44A4CC47-64D7-4549-A62E-B7CCE1FA3732}] => (Allow) P:\uTorrent\uTorrent.exe
FirewallRules: [{21AEAADF-D866-4A4C-96C9-32B37AAD6D34}] => (Allow) P:\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{D66B5969-C8D4-479C-8CF1-079CDE1806F2}F:\gsc2013\gsc.exe] => (Allow) F:\gsc2013\gsc.exe
FirewallRules: [UDP Query User{903BABB9-C5E6-422D-B461-27380B9B665F}F:\gsc2013\gsc.exe] => (Allow) F:\gsc2013\gsc.exe
FirewallRules: [{2CECEA33-6FF5-49B3-A95B-947223E626A7}] => (Block) F:\gsc2013\gsc.exe
FirewallRules: [{57D426B2-B2B6-4429-AD86-E782EF6ADEF6}] => (Block) F:\gsc2013\gsc.exe
FirewallRules: [{6F9D020B-213F-4A9E-959E-4659229219D1}] => (Allow) F:\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8CFCCD30-A864-4A9E-B0E4-620DAFBAC7EA}] => (Allow) F:\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{98DB47F9-6109-470C-AF4F-1E3AC4C76459}] => (Allow) F:\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{D2FE83B7-A0F2-4690-A33B-8E605DE76DD1}] => (Allow) F:\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{85803089-AD3D-4FE9-B587-4B4A7E463969}F:\alien isolation\ai.exe] => (Allow) F:\alien isolation\ai.exe
FirewallRules: [UDP Query User{2303B0B8-E705-4C8D-98E2-BF9E2C201A60}F:\alien isolation\ai.exe] => (Allow) F:\alien isolation\ai.exe
FirewallRules: [{F3A2D87B-052C-4F05-8073-2C35BD2C4B38}] => (Block) F:\alien isolation\ai.exe
FirewallRules: [{D3CAB4FD-E441-47EE-BEE9-796657934ABD}] => (Block) F:\alien isolation\ai.exe
FirewallRules: [{B188A667-11D3-4115-A998-AAAD2C36B8E3}] => (Allow) C:\Users\MrDyll\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{49A0C791-A733-4185-914F-BBE541C01252}] => (Allow) C:\Users\MrDyll\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{26428DA3-C453-42DF-B77F-874F423D6AD2}F:\maniaplanet\maniaplanet.exe] => (Allow) F:\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{A02D7B68-3683-4899-AB00-71D4B402DF6E}F:\maniaplanet\maniaplanet.exe] => (Allow) F:\maniaplanet\maniaplanet.exe
FirewallRules: [{6CEB1AB8-8EF1-4F1C-8EEA-90D449E433E0}] => (Block) F:\maniaplanet\maniaplanet.exe
FirewallRules: [{76F47B0E-9B2F-4D95-A27D-A7B594D52F29}] => (Block) F:\maniaplanet\maniaplanet.exe
FirewallRules: [{A55A321E-5B46-469A-8D8B-E28BF6E44409}] => (Allow) F:\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{7F3933AA-B8FE-496C-99A2-DCFFC86CF326}] => (Allow) F:\Steam\SteamApps\common\TacticalIntervention\bin\tacint.exe
FirewallRules: [{BF2C7756-B9FF-4B1B-AD85-5823C7BBA436}] => (Allow) F:\Steam\SteamApps\common\amnesia the dark descent\Amnesia.exe
FirewallRules: [{93AD3D7E-8BC3-4AF3-A5F5-EB8829646742}] => (Allow) F:\Steam\SteamApps\common\amnesia the dark descent\Amnesia.exe
FirewallRules: [TCP Query User{B4C1C400-BBD5-4793-8B15-B83D78C8B8B2}F:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) F:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe
FirewallRules: [UDP Query User{8663294D-8B74-4AD5-8B69-9645576B5BDD}F:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) F:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe
FirewallRules: [{63B7B929-0B8F-415A-8628-47690E1011C2}] => (Block) F:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe
FirewallRules: [{9B9C9702-8082-4DF0-A3E5-F1A0479AA47C}] => (Block) F:\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe
FirewallRules: [{2593B766-2F93-4ED1-822E-3CA0C63A56E1}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [{4BA0DACA-1706-4B17-818A-A5CABDECA8C9}] => (Allow) F:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe
FirewallRules: [TCP Query User{797C47F2-2BAF-4D18-B5D2-00C416A5D615}F:\steam\steamapps\common\assettocorsa\acshowroom.exe] => (Allow) F:\steam\steamapps\common\assettocorsa\acshowroom.exe
FirewallRules: [UDP Query User{54A6A26A-A47A-44FB-8284-C828C7FBD411}F:\steam\steamapps\common\assettocorsa\acshowroom.exe] => (Allow) F:\steam\steamapps\common\assettocorsa\acshowroom.exe
FirewallRules: [{B24540DA-34C1-4DF4-8235-ABE39E1B182F}] => (Block) F:\steam\steamapps\common\assettocorsa\acshowroom.exe
FirewallRules: [{1DD2D478-CD99-4921-86C5-5BACBB4E9F2B}] => (Block) F:\steam\steamapps\common\assettocorsa\acshowroom.exe
FirewallRules: [{11F9E0DF-007F-4159-AB6E-2E65D87665E2}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{AF9D8554-ACEB-41B3-9CE3-4958CF88388B}] => (Allow) F:\Steam\SteamApps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{69633224-1F3F-4DD5-8C3B-2BD3145D4F92}] => (Allow) F:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{4F55BA5B-FEE3-4D1F-B902-1DBA0E3120F0}] => (Allow) F:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{F3E1AFF5-0ABF-4A53-8490-20EBB8F50B90}] => (Allow) F:\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{F751BA18-DC0F-4371-99B1-3F6E581953B5}] => (Allow) F:\Steam\SteamApps\common\MagickaWizardWars\WizardWarsLauncher.exe
FirewallRules: [{E1CBFDD7-BA75-4927-BCAD-E1880EFC6A36}] => (Allow) F:\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{EC10CA37-DFA7-46F0-BDCA-D5C54561C907}] => (Allow) F:\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [TCP Query User{76AE031B-7D74-4C5E-843F-E0F4534A9EDA}F:\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) F:\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [UDP Query User{8D578017-63A0-49CB-858A-BF395EF4605A}F:\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe] => (Allow) F:\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{0F400DBF-A5C1-4DD2-8C40-057C43602723}] => (Block) F:\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{AE104D4F-0E57-403B-A89B-BAF08C9788C1}] => (Block) F:\steam\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe
FirewallRules: [{11FF05F4-BE77-42F4-854E-DA9361D48561}] => (Allow) F:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{EC28194E-A12B-4575-9A10-7E3CDAD6D3C6}] => (Allow) F:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{C3F77731-E7A9-4B53-ABC6-F1D40420265B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1718203F-9554-4C8A-96A7-FE9317E873C9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F4F82A0B-837C-4321-9866-E413D4377BE1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D9A26004-F98E-472A-8474-2250DCA52627}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{310A4E28-4CFE-4013-980E-E6CEDDFDE380}] => (Allow) F:\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{639B178A-02AE-4A0A-8656-080291AC36A9}] => (Allow) F:\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{395D6CF8-E5CB-44CF-B4C4-887BC59F1EFB}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{CF0768CF-61C1-428B-AE1E-990B304FAAD3}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [TCP Query User{C93B9D16-7CD7-4ED0-8C25-FD50E4F4A52C}F:\dishonored\dishonored\binaries\win32\dishonored.exe] => (Allow) F:\dishonored\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{67A453A1-700D-4734-8435-24672515837C}F:\dishonored\dishonored\binaries\win32\dishonored.exe] => (Allow) F:\dishonored\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{0D81DE27-C9E5-4187-8274-CC39BE5B4EF3}] => (Block) F:\dishonored\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{A9D2DC00-4BC4-4E92-9B46-8A13E69EA8A1}] => (Block) F:\dishonored\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{37A61B37-A633-4B0C-AE46-E5D22DDB3B1F}] => (Allow) F:\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{EFB15F42-AE0E-452F-81D0-BDED82AF3D1F}] => (Allow) F:\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{8CB2A4E2-7A1B-4F22-8353-9A1A8A740D11}F:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{3304D0DC-D5D5-452E-B716-198A40CE9173}F:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{EADF5DF0-BDA9-4A85-8957-2E6202B205D9}] => (Block) F:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{0DF7AB23-B323-4A7D-853F-ACA7BEAE0547}] => (Block) F:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{EAE990EC-BBB0-4CDA-92FE-572AD670DA95}] => (Allow) F:\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{BF95BF19-9DF3-4A78-B0C8-19970522F993}] => (Allow) F:\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{77E130C7-0302-419B-AD31-EEDEC586AD2E}] => (Allow) F:\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{29D46211-ED35-4CE8-9009-D9AE1AD97322}] => (Allow) F:\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{E6691521-21AE-457A-AEBB-E2175E8C5516}F:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) F:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [UDP Query User{5024E7C6-8D0B-402B-8766-13AB6729BD25}F:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) F:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [TCP Query User{E3F3CE69-4C51-4A14-AAE3-5D5987C84D0A}F:\origin games\battlefield bad company 2\bfbc2game.exe] => (Allow) F:\origin games\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{EFA52948-C0BE-4C90-BF22-C3C31FED8278}F:\origin games\battlefield bad company 2\bfbc2game.exe] => (Allow) F:\origin games\battlefield bad company 2\bfbc2game.exe
FirewallRules: [TCP Query User{2126AF17-7649-483F-A559-A5B94DB0C45B}C:\users\mrdyll\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\mrdyll\appdata\roaming\25assist\armyops\system\armyops.exe
FirewallRules: [UDP Query User{3439C6D7-CB4A-415A-8B7B-00A5C8732BB4}C:\users\mrdyll\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\mrdyll\appdata\roaming\25assist\armyops\system\armyops.exe
FirewallRules: [TCP Query User{A410FC9F-1428-4FE6-8E73-EBA2963494C5}F:\world_of_tanks\wotlauncher.exe] => (Allow) F:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{C8AB6549-3A41-4681-AA64-31E929E0C49B}F:\world_of_tanks\wotlauncher.exe] => (Allow) F:\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{638E336C-6D48-4492-AC5D-C7674EEBFBFD}F:\world_of_tanks\worldoftanks.exe] => (Allow) F:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{10328BED-9812-4F67-A65C-382B701A3542}F:\world_of_tanks\worldoftanks.exe] => (Allow) F:\world_of_tanks\worldoftanks.exe
FirewallRules: [{6AA71128-E13B-4729-8B12-940CC658213C}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin64\playSNOW_Release.exe
FirewallRules: [{33A0E03C-77B9-475B-A81B-5F40F53A8B29}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin64\playSNOW_Release.exe
FirewallRules: [TCP Query User{51F1D87A-64DD-4881-88E4-96D3ADA4B5FC}F:\steam\steamapps\common\defcon\defcon.exe] => (Allow) F:\steam\steamapps\common\defcon\defcon.exe
FirewallRules: [UDP Query User{79A46A5A-C369-483B-85ED-FDBB65371C61}F:\steam\steamapps\common\defcon\defcon.exe] => (Allow) F:\steam\steamapps\common\defcon\defcon.exe
FirewallRules: [TCP Query User{93E92D1F-AAA7-4E3B-9064-DC406CE99A74}F:\origin games\medal of honor warfighter\mohw.exe] => (Allow) F:\origin games\medal of honor warfighter\mohw.exe
FirewallRules: [UDP Query User{02F5E742-7523-4640-85B6-A0B082C2192D}F:\origin games\medal of honor warfighter\mohw.exe] => (Allow) F:\origin games\medal of honor warfighter\mohw.exe
FirewallRules: [{14D0070F-11A1-4D54-992E-73B9341BE5B2}] => (Allow) F:\Steam\SteamApps\common\Continuum\Continuum.exe
FirewallRules: [{2DDB2189-C688-4D41-8EC3-37E7AE620F94}] => (Allow) F:\Steam\SteamApps\common\Continuum\Continuum.exe
FirewallRules: [{19E1E76A-C88F-4024-ACDC-729C7C982E43}] => (Allow) F:\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{6F5BAC3C-2899-4466-814F-6E36512B6174}] => (Allow) F:\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{17739ECC-9F56-4B92-BD98-BA9AECC955A8}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{9400D669-B365-4F93-9C40-BC7F2F8DFC97}] => (Allow) F:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{AC9C224F-0E6A-4212-A403-E4186ADB7D90}] => (Allow) F:\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{D15817B2-3F36-4977-ABA6-6113E0D5AEB3}] => (Allow) F:\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{33B20113-FB4C-433E-B907-9FC27533FCCE}] => (Allow) F:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{30D33192-AE1E-4BAC-AE69-D8B812B27C5B}] => (Allow) F:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{6F97DD0C-8FA2-485B-AC77-A4B42FE986E4}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3F22E6AD-5F0B-4367-8EA5-35563D69B6BD}] => (Allow) F:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{871AB3FC-D889-4BED-84B1-EC1F9EBA2272}] => (Allow) P:\ispeed\iSpeed.exe
FirewallRules: [{25814A48-5194-48EE-A385-610911C1C59E}] => (Allow) F:\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{47890D41-853B-46CB-894A-3BB5C1984BDF}] => (Allow) F:\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{5B43DC05-71FC-4C04-8609-1A95063735A0}] => (Allow) F:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{4883AE53-9B60-47D6-91BD-B1A9046B30F6}] => (Allow) F:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{20BB7411-E0E2-4551-A3C9-8E3A99D0967B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8B7B3545-98EF-45FF-AF26-938958432210}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7D64DCC0-E57D-448B-974B-FC75B122876F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9F2EB698-9FBD-4052-A6F4-4DD7EF77CBDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B56B745-B6A9-4FDE-8FCB-E9FC82E64024}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{68E88919-1581-4759-ABE4-B51FC5EA64EB}P:\ninja trader 7\bin\ninjatrader.exe] => (Allow) P:\ninja trader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{36DBCE1E-275B-404E-885E-23A1BE68CD8B}P:\ninja trader 7\bin\ninjatrader.exe] => (Allow) P:\ninja trader 7\bin\ninjatrader.exe
FirewallRules: [{F2026E42-6526-4364-8DFE-5449E0D5A769}] => (Allow) F:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{EB71191D-466F-426A-8C90-F7D9AAC7BAA5}] => (Allow) F:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{63390CC3-E00D-4664-A02C-13E0900EC730}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B18F5A1A-BC96-47E9-9BAA-94465D70CB72}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8CB89FD7-49C6-4B63-B23D-05FF8A5C2C65}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0FE816C1-15D0-4652-93A6-1C4C18342342}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F90B0DAC-15CF-4E60-A919-CB11CA9434BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D1C821A4-15EA-4A80-ABDB-FA9F4153C918}] => (Allow) P:\Origin Games BF3\Battlefield 3\bf3.exe
FirewallRules: [{6B2E893A-0277-4995-9197-EBD8474A49BD}] => (Allow) P:\Origin Games BF3\Battlefield 3\bf3.exe
FirewallRules: [{5E420FD6-DD95-4F94-8547-1DE53723C466}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{672107AD-363F-41CA-873E-5D60B89EA7EB}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{781ACA77-FB43-445A-A220-8130B8C4E85E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{250602F5-52B3-46D7-8ED2-CC1D239BD3B2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{F17385EE-C3F4-42CE-99B5-7081177123E7}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{4D35FACD-E5B8-42E0-9C94-62A589B0A230}] => (Allow) F:\Steam\SteamApps\common\SNOW\Bin64\playSNOW.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: NAVEX15
Description: NAVEX15
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NAVEX15
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/28/2015 11:38:58 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/28/2015 11:38:58 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/28/2015 11:35:34 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: MrDyll-PC)
Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/28/2015 11:35:34 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: MrDyll-PC)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/28/2015 11:35:34 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: MrDyll-PC)
Description: Unloading the performance counter strings for service ASP.NET_4.0.30319 (ASP.NET_4.0.30319) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/28/2015 11:35:34 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: MrDyll-PC)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/28/2015 11:35:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: MrDyll-PC)
Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/28/2015 11:35:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: MrDyll-PC)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (11/28/2015 11:35:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: MrDyll-PC)
Description: Unloading the performance counter strings for service aspnet_state (ASP.NET State Service) failed. The first DWORD in the Data section contains the error code.
 
Error: (11/28/2015 11:35:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: MrDyll-PC)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (11/28/2015 11:33:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
SRTSP
 
Error: (11/28/2015 11:33:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Internet Security service failed to start due to the following error: 
%%1053
 
Error: (11/28/2015 11:33:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Norton Internet Security service to connect.
 
Error: (11/28/2015 11:32:50 AM) (Source: SRTSP) (EventID: 5) (User: )
Description: Error loading Symantec real time Anti-Virus driver.
 
Error: (11/28/2015 11:32:50 AM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.
 
Error: (11/28/2015 11:30:28 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error: 
%%1056
 
Error: (11/28/2015 11:30:27 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
Error: (11/28/2015 11:29:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (11/28/2015 11:29:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (11/28/2015 11:29:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 57%
Total physical RAM: 8168.93 MB
Available physical RAM: 3440.13 MB
Total Virtual: 16337.85 MB
Available Virtual: 11371.95 MB
 
==================== Drives ================================
 
Drive a: (BFBC2) (CDROM) (Total:5.4 GB) (Free:0 GB) CDFS
Drive c: (SSD) (Fixed) (Total:111.69 GB) (Free:9.24 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Games) (Fixed) (Total:931.51 GB) (Free:0 GB) NTFS
Drive g: (Elements) (Fixed) (Total:931.28 GB) (Free:196.44 GB) FAT32
Drive p: (Programs) (Fixed) (Total:1863.01 GB) (Free:33.77 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5B5C44FD)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5B5C44FE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 8BFB98EB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)
 
==================== End of Addition.txt ============================
 
 
I also ran AdwCleaner, I "cleaned" but MBAM still won't open. I've attached those log files. Any tips for this?
 
 
 
 
 
Any tips? 
 
 
 
 
 
 
 

Attached Files



BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:17 PM

Posted 28 November 2015 - 12:32 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

drweb1.PNGScan with Dr.Web CureIt!®
Download

Save it to the Desktop (If this is not possible, this program is portable, and runs right from the location it is downloaded to, like a USB drive or SD card.)

Double-click the drweb-cureit.exe or the random named file (i.e. 5mkuvc4z.exe) to run the program.

When first launched, Dr.Web CureIt loads in Enhanced Protection Mode (EPM).
For this mode, at the warning: To continue working in the EPM...(recommended), press: OK

  • EPM allows the program to operate even if malicious programs block access to Windows.
  • All four corners of the Desktop show: Dr.Web CureIt - Enhanced Protection Mode.
  • Functions of the Operating System are not accessible until the scan completes.

At the License and Updates window, check the box to Agree.

  • Only when an update is needed, the License and Updates window displays a notification.
  • To update Dr.Web CureIt!!, click: Update the program
  • At he Dr.Web CureIt! official website you can download the latest virus definitions and/or version of the program.
  • If needed, click: Select objects for scanning. Here you can specify which drives or files and directories to scan.

Next, click: Continue

At the Scan Mode window, press: Start Scanning

An Express Scan window appears where Dr.Web CureIt! displays general information on its progress and lists detected threats.
This scan may take a while depending on the number of drives or directories, so please be patient.

When the scan is done, a Scanning Completed window appears.
If viruses or other threats are identified, press: Neutralize
(Note: If you need to apply a different action to a threat, click the Action for it, and select whether to Cure, Move or Delete.)
When Neutralize is selected, a window appears with the neutralizing progress.

A Curing Completed window shows when the threats are neutralized successfully.
Close the window to return to the Desktop.
Also, restart the computer so files in use can be moved or deleted.
When back in Windows, search for the CureIt log:

  • Press Start, and in the Search programs and files area, type in (or copy/paste) the following: %USERPROFILE%\Doctor Web
  • When the Doctor Web folder appears in the search area, open the folder, and then open the CureIt log.

>> Please post the CureIt.log in your reply.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 MrDyll

MrDyll
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 29 November 2015 - 04:04 PM

Hi Jürgen,

I will not be able to access the computer until December 4th, but I will post my results then.

This happened after downloading and installing a Fallout 4 torrent, do I need to remove all the files, or just the cracked files?

Thanks for your help.

#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:17 PM

Posted 30 November 2015 - 04:32 AM

If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!


warning.gif P2P warning

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via hidden2.png > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:17 PM

Posted 02 December 2015 - 07:12 PM

Hi,

3 Day Inactivity

this is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 MrDyll

MrDyll
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 03 December 2015 - 07:56 PM

I'm on my way home today, I'll have that report done in about 4 hours.

#7 MrDyll

MrDyll
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 04 December 2015 - 12:34 AM

I can't post the contents of the cureit.log in a reply, it keeps crashing Chrome. So I'm going to attach it as a file.

Attached Files



#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:17 PM

Posted 04 December 2015 - 03:23 AM

Hi,

Step 1

Please download TDSStdsskiller.pngiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters. (1)
  • Make sure that all available options (except "Loaded modules") are checked and click OK. (2)
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report (3) to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

tdss.gif


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 MrDyll

MrDyll
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 04 December 2015 - 04:10 AM

20:07:48.0515 0x1a74  TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
20:07:52.0198 0x1a74  ============================================================
20:07:52.0198 0x1a74  Current date / time: 2015/12/04 20:07:52.0198
20:07:52.0198 0x1a74  SystemInfo:
20:07:52.0198 0x1a74  
20:07:52.0198 0x1a74  OS Version: 6.1.7601 ServicePack: 1.0
20:07:52.0198 0x1a74  Product type: Workstation
20:07:52.0198 0x1a74  ComputerName: MRDYLL-PC
20:07:52.0198 0x1a74  UserName: MrDyll
20:07:52.0198 0x1a74  Windows directory: C:\Windows
20:07:52.0198 0x1a74  System windows directory: C:\Windows
20:07:52.0198 0x1a74  Running under WOW64
20:07:52.0198 0x1a74  Processor architecture: Intel x64
20:07:52.0198 0x1a74  Number of processors: 8
20:07:52.0198 0x1a74  Page size: 0x1000
20:07:52.0198 0x1a74  Boot type: Normal boot
20:07:52.0198 0x1a74  ============================================================
20:07:52.0271 0x1a74  KLMD registered as C:\Windows\system32\drivers\78945575.sys
20:07:52.0306 0x1a74  System UUID: {864C2071-D702-50A4-7F9F-97EECA98B0B9}
20:07:52.0611 0x1a74  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
20:07:52.0611 0x1a74  Drive \Device\Harddisk2\DR2 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
20:07:52.0622 0x1a74  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:07:52.0634 0x1a74  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:08:00.0080 0x1a74  ============================================================
20:08:00.0080 0x1a74  \Device\Harddisk1\DR1:
20:08:00.0080 0x1a74  MBR partitions:
20:08:00.0080 0x1a74  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:08:00.0080 0x1a74  \Device\Harddisk2\DR2:
20:08:00.0080 0x1a74  MBR partitions:
20:08:00.0080 0x1a74  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:08:00.0080 0x1a74  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
20:08:00.0080 0x1a74  \Device\Harddisk0\DR0:
20:08:00.0080 0x1a74  MBR partitions:
20:08:00.0080 0x1a74  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
20:08:00.0080 0x1a74  \Device\Harddisk3\DR3:
20:08:00.0081 0x1a74  MBR partitions:
20:08:00.0081 0x1a74  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
20:08:00.0081 0x1a74  ============================================================
20:08:00.0082 0x1a74  C: <-> \Device\Harddisk2\DR2\Partition2
20:08:00.0083 0x1a74  E: <-> \Device\Harddisk2\DR2\Partition1
20:08:00.0083 0x1a74  G: <-> \Device\Harddisk3\DR3\Partition1
20:08:00.0150 0x1a74  P: <-> \Device\Harddisk0\DR0\Partition1
20:08:00.0211 0x1a74  F: <-> \Device\Harddisk1\DR1\Partition1
20:08:00.0211 0x1a74  ============================================================
20:08:00.0212 0x1a74  Initialize success
20:08:00.0212 0x1a74  ============================================================
20:08:18.0346 0x1c48  ============================================================
20:08:18.0346 0x1c48  Scan started
20:08:18.0346 0x1c48  Mode: Manual; SigCheck; TDLFS; 
20:08:18.0346 0x1c48  ============================================================
20:08:18.0346 0x1c48  KSN ping started
20:08:21.0114 0x1c48  KSN ping finished: true
20:08:21.0908 0x1c48  ================ Scan system memory ========================
20:08:21.0908 0x1c48  System memory - ok
20:08:21.0909 0x1c48  ================ Scan services =============================
20:08:21.0936 0x1c48  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:08:21.0971 0x1c48  1394ohci - ok
20:08:21.0982 0x1c48  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:08:21.0994 0x1c48  ACPI - ok
20:08:21.0997 0x1c48  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:08:22.0015 0x1c48  AcpiPmi - ok
20:08:22.0020 0x1c48  [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
20:08:22.0031 0x1c48  acsock - ok
20:08:22.0038 0x1c48  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:08:22.0044 0x1c48  AdobeARMservice - ok
20:08:22.0055 0x1c48  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:08:22.0070 0x1c48  adp94xx - ok
20:08:22.0079 0x1c48  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:08:22.0091 0x1c48  adpahci - ok
20:08:22.0097 0x1c48  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:08:22.0106 0x1c48  adpu320 - ok
20:08:22.0110 0x1c48  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:08:22.0120 0x1c48  AeLookupSvc - ok
20:08:22.0131 0x1c48  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
20:08:22.0149 0x1c48  AFD - ok
20:08:22.0153 0x1c48  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:08:22.0159 0x1c48  agp440 - ok
20:08:22.0163 0x1c48  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:08:22.0175 0x1c48  ALG - ok
20:08:22.0178 0x1c48  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:08:22.0184 0x1c48  aliide - ok
20:08:22.0187 0x1c48  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:08:22.0192 0x1c48  amdide - ok
20:08:22.0195 0x1c48  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:08:22.0205 0x1c48  AmdK8 - ok
20:08:22.0209 0x1c48  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:08:22.0217 0x1c48  AmdPPM - ok
20:08:22.0221 0x1c48  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:08:22.0229 0x1c48  amdsata - ok
20:08:22.0236 0x1c48  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:08:22.0245 0x1c48  amdsbs - ok
20:08:22.0248 0x1c48  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:08:22.0254 0x1c48  amdxata - ok
20:08:22.0258 0x1c48  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
20:08:22.0267 0x1c48  AppID - ok
20:08:22.0270 0x1c48  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:08:22.0276 0x1c48  AppIDSvc - ok
20:08:22.0280 0x1c48  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
20:08:22.0290 0x1c48  Appinfo - ok
20:08:22.0294 0x1c48  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:08:22.0300 0x1c48  arc - ok
20:08:22.0305 0x1c48  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:08:22.0312 0x1c48  arcsas - ok
20:08:22.0384 0x1c48  [ 97ADBEE64030F125115BE8F45EDD7F70, 33DCFEEB972228044377BABB3033AF1379C35DE96D53DA0A91FFBE623B3D0AE5 ] ArcService      P:\Arc\Arc\ArcService.exe
20:08:22.0393 0x1c48  ArcService - ok
20:08:22.0406 0x1c48  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:08:22.0413 0x1c48  aspnet_state - ok
20:08:22.0417 0x1c48  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:08:22.0459 0x1c48  AsyncMac - ok
20:08:22.0463 0x1c48  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:08:22.0468 0x1c48  atapi - ok
20:08:22.0472 0x1c48  [ AAAE03F8EDA817EC28C5445193EA8BF3, 5A2ECB66936B87651202CAA7786D58DE6BFD8217B059C88775EB4B07BA2ADB89 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
20:08:22.0477 0x1c48  AthBTPort - ok
20:08:22.0480 0x1c48  [ 4ECC791539F23982411864037D1AC8FC, 063CBA00E453B5FF3CDFDFB5FA2E6A190A0DC3D399EC36F646262BE76F98A60C ] ATHDFU          C:\Windows\system32\Drivers\AthDfu.sys
20:08:22.0485 0x1c48  ATHDFU - ok
20:08:22.0490 0x1c48  [ C34B28D6285EAD94B3A2FABA84E90DA5, 82E69CBDEB9B0D6A2056AE6227A21C4CDB3050B384D69FA879607F3363ABBFD1 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:08:22.0495 0x1c48  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:08:25.0381 0x1c48  Detect skipped due to KSN trusted
20:08:25.0381 0x1c48  AtherosSvc - ok
20:08:25.0395 0x1c48  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:08:25.0417 0x1c48  AudioEndpointBuilder - ok
20:08:25.0431 0x1c48  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:08:25.0448 0x1c48  AudioSrv - ok
20:08:25.0454 0x1c48  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:08:25.0473 0x1c48  AxInstSV - ok
20:08:25.0484 0x1c48  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:08:25.0501 0x1c48  b06bdrv - ok
20:08:25.0509 0x1c48  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:08:25.0522 0x1c48  b57nd60a - ok
20:08:25.0527 0x1c48  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:08:25.0538 0x1c48  BDESVC - ok
20:08:25.0541 0x1c48  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:08:25.0562 0x1c48  Beep - ok
20:08:25.0565 0x1c48  [ B1359701847FF1FF415FA083F1610F48, 991F995B9CF614549F5F7EB5C5B2D47F34EFF0F47B35C4BF4CE716666B9DA1D3 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
20:08:25.0569 0x1c48  BEService - detected UnsignedFile.Multi.Generic ( 1 )
20:08:28.0455 0x1c48  Detect skipped due to KSN trusted
20:08:28.0455 0x1c48  BEService - ok
20:08:28.0471 0x1c48  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:08:28.0495 0x1c48  BFE - ok
20:08:28.0515 0x1c48  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:08:28.0600 0x1c48  BITS - ok
20:08:28.0605 0x1c48  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:08:28.0613 0x1c48  blbdrive - ok
20:08:28.0617 0x1c48  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:08:28.0627 0x1c48  bowser - ok
20:08:28.0630 0x1c48  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:08:28.0647 0x1c48  BrFiltLo - ok
20:08:28.0650 0x1c48  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:08:28.0658 0x1c48  BrFiltUp - ok
20:08:28.0664 0x1c48  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:08:28.0992 0x1c48  Browser - ok
20:08:29.0000 0x1c48  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:08:29.0014 0x1c48  Brserid - ok
20:08:29.0018 0x1c48  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:08:29.0028 0x1c48  BrSerWdm - ok
20:08:29.0031 0x1c48  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:08:29.0040 0x1c48  BrUsbMdm - ok
20:08:29.0043 0x1c48  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:08:29.0050 0x1c48  BrUsbSer - ok
20:08:29.0098 0x1c48  BS2689935443 - ok
20:08:29.0121 0x1c48  [ 3B1B573371B206D1D5F25E0EF5FCD6D6, 9CE8E687F7554FF4AD989015806D3A03A801647C88ECADF08F7404E49517680C ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
20:08:29.0131 0x1c48  BTATH_A2DP - ok
20:08:29.0135 0x1c48  [ 2D0446336D9DB55A742B999EC16ADF15, FBF57CBDCFE4146176ABBD7ACF04240048403143DD380E10AE63B10BA5D4F311 ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
20:08:29.0140 0x1c48  BTATH_BUS - ok
20:08:29.0147 0x1c48  [ 9A9694BBEB2849EAF95DFFCAE5DF02AD, 6534E599DDDF04A42E25581BB1CF4507B5F2E332FC74961C7F2CB8F672683C39 ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
20:08:29.0155 0x1c48  BTATH_HCRP - ok
20:08:29.0159 0x1c48  [ FC0A8075DDF2E9C66267AEC91E0676F9, BAEBBA87DE72E996C9466FF15D9FD01DBD5D1A1097FC0FFB4819550830DEBCBC ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:08:29.0165 0x1c48  BTATH_LWFLT - ok
20:08:29.0171 0x1c48  [ 5EB4815CBDDBA4541F2380DAE6E269AB, DBBB0B1E5946BE5CA0C28F4175DE10613A3E5A89DCE0D6B9EDDF756B08CD274B ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
20:08:29.0178 0x1c48  BTATH_RCP - ok
20:08:29.0187 0x1c48  [ 0ECEDE7B33CFD9A52A61220ABBD09A50, 4E52C0A1626D26E882B0273204B1415D779E188F7AF7ABCEBF72EC6DAF9810F5 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
20:08:29.0197 0x1c48  BtFilter - ok
20:08:29.0202 0x1c48  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
20:08:29.0213 0x1c48  BthEnum - ok
20:08:29.0217 0x1c48  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:08:29.0227 0x1c48  BTHMODEM - ok
20:08:29.0231 0x1c48  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:08:29.0242 0x1c48  BthPan - ok
20:08:29.0261 0x1c48  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
20:08:29.0280 0x1c48  BTHPORT - ok
20:08:29.0285 0x1c48  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:08:29.0307 0x1c48  bthserv - ok
20:08:29.0311 0x1c48  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
20:08:29.0320 0x1c48  BTHUSB - ok
20:08:29.0350 0x1c48  [ 68BD23A0AD9E934F037A1D8A1929D1E2, 7104B04435930D085D01779065C8F293A265800D90C9DEFB19C998D9326E44E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
20:08:29.0384 0x1c48  c2cautoupdatesvc - ok
20:08:29.0418 0x1c48  [ 13297729C696656F990A5DBA53023129, EB2B34B04B79756199DBBBDE99ACBB576D20C7C0AF3E4F3C0CF0040948216AAC ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
20:08:29.0458 0x1c48  c2cpnrsvc - ok
20:08:29.0465 0x1c48  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:08:29.0489 0x1c48  cdfs - ok
20:08:29.0495 0x1c48  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:08:29.0505 0x1c48  cdrom - ok
20:08:29.0509 0x1c48  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:08:29.0531 0x1c48  CertPropSvc - ok
20:08:29.0535 0x1c48  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:08:29.0544 0x1c48  circlass - ok
20:08:29.0553 0x1c48  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
20:08:29.0566 0x1c48  CLFS - ok
20:08:29.0573 0x1c48  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:08:29.0580 0x1c48  clr_optimization_v2.0.50727_32 - ok
20:08:29.0587 0x1c48  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:08:29.0594 0x1c48  clr_optimization_v2.0.50727_64 - ok
20:08:29.0604 0x1c48  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:08:29.0613 0x1c48  clr_optimization_v4.0.30319_32 - ok
20:08:29.0623 0x1c48  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:08:29.0633 0x1c48  clr_optimization_v4.0.30319_64 - ok
20:08:29.0636 0x1c48  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:08:29.0643 0x1c48  CmBatt - ok
20:08:29.0646 0x1c48  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:08:29.0652 0x1c48  cmdide - ok
20:08:29.0663 0x1c48  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:08:29.0682 0x1c48  CNG - ok
20:08:29.0685 0x1c48  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:08:29.0691 0x1c48  Compbatt - ok
20:08:29.0695 0x1c48  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:08:29.0709 0x1c48  CompositeBus - ok
20:08:29.0712 0x1c48  COMSysApp - ok
20:08:29.0716 0x1c48  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:08:29.0721 0x1c48  crcdisk - ok
20:08:29.0728 0x1c48  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:08:29.0744 0x1c48  CryptSvc - ok
20:08:29.0758 0x1c48  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:08:29.0789 0x1c48  DcomLaunch - ok
20:08:29.0798 0x1c48  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:08:29.0824 0x1c48  defragsvc - ok
20:08:29.0829 0x1c48  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:08:29.0851 0x1c48  DfsC - ok
20:08:29.0860 0x1c48  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:08:29.0874 0x1c48  Dhcp - ok
20:08:29.0898 0x1c48  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:08:29.0929 0x1c48  DiagTrack - ok
20:08:29.0933 0x1c48  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:08:29.0955 0x1c48  discache - ok
20:08:29.0959 0x1c48  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:08:29.0966 0x1c48  Disk - ok
20:08:30.0118 0x1c48  [ 049873231E244D795CE1F32BDE5DA7B2, 1EABBA118B0A0129E7CE4999D3157F02C701C4D5C118C03EDB1F8A038F48748A ] DisplayFusionService P:\DisplayFusion\DisplayFusionService.exe
20:08:30.0239 0x1c48  DisplayFusionService - ok
20:08:30.0248 0x1c48  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:08:30.0259 0x1c48  Dnscache - ok
20:08:30.0266 0x1c48  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:08:30.0292 0x1c48  dot3svc - ok
20:08:30.0297 0x1c48  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:08:30.0322 0x1c48  DPS - ok
20:08:30.0324 0x1c48  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:08:30.0332 0x1c48  drmkaud - ok
20:08:30.0340 0x1c48  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:08:30.0351 0x1c48  dtsoftbus01 - ok
20:08:30.0370 0x1c48  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:08:30.0395 0x1c48  DXGKrnl - ok
20:08:30.0404 0x1c48  [ 6BAFD9819D9FEC2EDBAEBC8493C711A4, 689A30C9F881D8C49F90A6C75DA816055B43B84776E815C1DE80B3933ADBB174 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
20:08:30.0415 0x1c48  e1cexpress - ok
20:08:30.0420 0x1c48  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:08:30.0444 0x1c48  EapHost - ok
20:08:30.0446 0x1c48  EasyAntiCheat - ok
20:08:30.0506 0x1c48  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:08:30.0576 0x1c48  ebdrv - ok
20:08:30.0581 0x1c48  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS             C:\Windows\System32\lsass.exe
20:08:30.0589 0x1c48  EFS - ok
20:08:30.0606 0x1c48  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:08:30.0631 0x1c48  ehRecvr - ok
20:08:30.0636 0x1c48  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:08:30.0648 0x1c48  ehSched - ok
20:08:30.0660 0x1c48  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:08:30.0677 0x1c48  elxstor - ok
20:08:30.0681 0x1c48  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:08:30.0688 0x1c48  ErrDev - ok
20:08:30.0700 0x1c48  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:08:30.0729 0x1c48  EventSystem - ok
20:08:30.0735 0x1c48  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:08:30.0766 0x1c48  exfat - ok
20:08:30.0773 0x1c48  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:08:30.0798 0x1c48  fastfat - ok
20:08:30.0814 0x1c48  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:08:30.0835 0x1c48  Fax - ok
20:08:30.0838 0x1c48  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:08:30.0846 0x1c48  fdc - ok
20:08:30.0849 0x1c48  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:08:30.0869 0x1c48  fdPHost - ok
20:08:30.0873 0x1c48  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:08:30.0894 0x1c48  FDResPub - ok
20:08:30.0897 0x1c48  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:08:30.0904 0x1c48  FileInfo - ok
20:08:30.0907 0x1c48  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:08:30.0928 0x1c48  Filetrace - ok
20:08:30.0931 0x1c48  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:08:30.0938 0x1c48  flpydisk - ok
20:08:30.0946 0x1c48  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:08:30.0957 0x1c48  FltMgr - ok
20:08:30.0964 0x1c48  [ 813155B27B68DACCBAECCCEEA60BD8BF, 24BD34825B0D1A1DCB9BD1834733B21A8EB2DA49B9B31F8B1AFC1D71DC8CE823 ] FolderSize      C:\Program Files\FolderSize\FolderSizeSvc.exe
20:08:30.0970 0x1c48  FolderSize - detected UnsignedFile.Multi.Generic ( 1 )
20:08:33.0855 0x1c48  Detect skipped due to KSN trusted
20:08:33.0855 0x1c48  FolderSize - ok
20:08:33.0878 0x1c48  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
20:08:33.0912 0x1c48  FontCache - ok
20:08:33.0916 0x1c48  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:08:33.0923 0x1c48  FontCache3.0.0.0 - ok
20:08:33.0927 0x1c48  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:08:33.0934 0x1c48  FsDepends - ok
20:08:33.0937 0x1c48  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:08:33.0943 0x1c48  Fs_Rec - ok
20:08:33.0950 0x1c48  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:08:33.0963 0x1c48  fvevol - ok
20:08:33.0966 0x1c48  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:08:33.0973 0x1c48  gagp30kx - ok
20:08:33.0997 0x1c48  [ D3C40989B164358F5BAA11EB7F605390, 0036F3F8B28F21A0DA0EF6D83965C0A8927C6109985AAA8F94178564FA938C2A ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:08:34.0025 0x1c48  GfExperienceService - ok
20:08:34.0043 0x1c48  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:08:34.0079 0x1c48  gpsvc - ok
20:08:34.0085 0x1c48  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:08:34.0092 0x1c48  gupdate - ok
20:08:34.0096 0x1c48  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:08:34.0102 0x1c48  gupdatem - ok
20:08:34.0109 0x1c48  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:08:34.0118 0x1c48  gusvc - ok
20:08:34.0122 0x1c48  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
20:08:34.0127 0x1c48  hamachi - ok
20:08:34.0175 0x1c48  [ 467E489AB87260D6035F9F4C8F28D15A, 4079195CA7F91332F63B050E1D66378DC5C796977024B4EF6B2CFD3227F0E49C ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
20:08:34.0333 0x1c48  Hamachi2Svc - ok
20:08:34.0338 0x1c48  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:08:34.0348 0x1c48  hcw85cir - ok
20:08:34.0356 0x1c48  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:08:34.0372 0x1c48  HdAudAddService - ok
20:08:34.0377 0x1c48  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:08:34.0388 0x1c48  HDAudBus - ok
20:08:34.0391 0x1c48  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:08:34.0398 0x1c48  HidBatt - ok
20:08:34.0402 0x1c48  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:08:34.0413 0x1c48  HidBth - ok
20:08:34.0416 0x1c48  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:08:34.0426 0x1c48  HidIr - ok
20:08:34.0429 0x1c48  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:08:34.0450 0x1c48  hidserv - ok
20:08:34.0454 0x1c48  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:08:34.0461 0x1c48  HidUsb - ok
20:08:34.0466 0x1c48  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:08:34.0488 0x1c48  hkmsvc - ok
20:08:34.0495 0x1c48  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:08:34.0507 0x1c48  HomeGroupListener - ok
20:08:34.0513 0x1c48  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:08:34.0524 0x1c48  HomeGroupProvider - ok
20:08:34.0528 0x1c48  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:08:34.0536 0x1c48  HpSAMD - ok
20:08:34.0552 0x1c48  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:08:34.0574 0x1c48  HTTP - ok
20:08:34.0577 0x1c48  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:08:34.0583 0x1c48  hwpolicy - ok
20:08:34.0588 0x1c48  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:08:34.0596 0x1c48  i8042prt - ok
20:08:34.0606 0x1c48  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:08:34.0620 0x1c48  iaStorV - ok
20:08:34.0625 0x1c48  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:08:34.0629 0x1c48  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
20:08:37.0601 0x1c48  Detect skipped due to KSN trusted
20:08:37.0601 0x1c48  IDriverT - ok
20:08:37.0621 0x1c48  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:08:37.0645 0x1c48  idsvc - ok
20:08:37.0650 0x1c48  IEEtwCollectorService - ok
20:08:37.0654 0x1c48  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:08:37.0661 0x1c48  iirsp - ok
20:08:37.0679 0x1c48  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:08:37.0702 0x1c48  IKEEXT - ok
20:08:37.0757 0x1c48  [ DAB7318CCFA8081200D5B7B486793F74, 1D0833352D125D7C46F51401C8DE66DB92E3104003917BAEFE4A21218531C330 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:08:37.0813 0x1c48  IntcAzAudAddService - ok
20:08:37.0818 0x1c48  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:08:37.0824 0x1c48  intelide - ok
20:08:37.0827 0x1c48  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:08:37.0835 0x1c48  intelppm - ok
20:08:37.0841 0x1c48  [ 068EC06F3B6DD7B81B365D8FD2CE27E6, EDAD8F5B3F929C7C6200F38B862B2A03F310ADB55A04007DB6FF5F4F698547A4 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
20:08:37.0848 0x1c48  Intel® PROSet Monitoring Service - ok
20:08:37.0852 0x1c48  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:08:37.0875 0x1c48  IPBusEnum - ok
20:08:37.0880 0x1c48  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:08:37.0903 0x1c48  IpFilterDriver - ok
20:08:37.0916 0x1c48  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:08:37.0936 0x1c48  iphlpsvc - ok
20:08:37.0941 0x1c48  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:08:37.0949 0x1c48  IPMIDRV - ok
20:08:37.0954 0x1c48  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:08:37.0977 0x1c48  IPNAT - ok
20:08:38.0067 0x1c48  [ 6212B1D43C387AB2AD64585FEC5CFBBC, 6AFE883EAC9B6C71878DD7D51C6AB3BBE4036BCE01F8EAAB1865D5EC2F1B3A9F ] iRacingService  F:\iRacing\iRacingService.exe
20:08:38.0088 0x1c48  iRacingService - ok
20:08:38.0091 0x1c48  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:08:38.0109 0x1c48  IRENUM - ok
20:08:38.0112 0x1c48  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:08:38.0118 0x1c48  isapnp - ok
20:08:38.0127 0x1c48  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:08:38.0139 0x1c48  iScsiPrt - ok
20:08:38.0144 0x1c48  [ A577F5DB30F70ECA9708C07C2EACBD9D, F301D6779BE81F3778417EAAE6D950BF95822EC6426FF3F516D383ADE08DF8CA ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
20:08:38.0151 0x1c48  JRAID - ok
20:08:38.0154 0x1c48  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:08:38.0161 0x1c48  kbdclass - ok
20:08:38.0165 0x1c48  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:08:38.0173 0x1c48  kbdhid - ok
20:08:38.0175 0x1c48  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
20:08:38.0182 0x1c48  KeyIso - ok
20:08:38.0187 0x1c48  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:08:38.0194 0x1c48  KSecDD - ok
20:08:38.0200 0x1c48  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:08:38.0208 0x1c48  KSecPkg - ok
20:08:38.0211 0x1c48  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:08:38.0235 0x1c48  ksthunk - ok
20:08:38.0244 0x1c48  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:08:38.0273 0x1c48  KtmRm - ok
20:08:38.0281 0x1c48  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:08:38.0308 0x1c48  LanmanServer - ok
20:08:38.0314 0x1c48  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:08:38.0337 0x1c48  LanmanWorkstation - ok
20:08:38.0342 0x1c48  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:08:38.0365 0x1c48  lltdio - ok
20:08:38.0373 0x1c48  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:08:38.0400 0x1c48  lltdsvc - ok
20:08:38.0403 0x1c48  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:08:38.0425 0x1c48  lmhosts - ok
20:08:38.0436 0x1c48  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
20:08:38.0448 0x1c48  LMIGuardianSvc - ok
20:08:38.0454 0x1c48  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:08:38.0463 0x1c48  LSI_FC - ok
20:08:38.0468 0x1c48  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:08:38.0475 0x1c48  LSI_SAS - ok
20:08:38.0479 0x1c48  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:08:38.0486 0x1c48  LSI_SAS2 - ok
20:08:38.0490 0x1c48  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:08:38.0499 0x1c48  LSI_SCSI - ok
20:08:38.0503 0x1c48  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:08:38.0527 0x1c48  luafv - ok
20:08:38.0537 0x1c48  [ 986C1CB787A007BAA5F74E7D316D7246, 8846D5FF09A669816F57C98507FBCBE60F770B22BC784269765E46B36EE38D9D ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
20:08:38.0549 0x1c48  LVRS64 - ok
20:08:38.0669 0x1c48  [ 5747BC465ABEA2858C5D037252AED84E, 1D62E05ED1D3265FEFDD02C8653B2901B05994091F1D417632E2FBF053C5D451 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
20:08:38.0799 0x1c48  LVUVC64 - ok
20:08:38.0806 0x1c48  MBAMSwissArmy - ok
20:08:38.0815 0x1c48  [ 968BFF74AEB683C962960ECE0CAE4135, 3E08B39DE27FE27A27BD3E81486F0FCA1947D4B50BFE0167A0C27CE48DD56793 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
20:08:38.0827 0x1c48  McComponentHostService - ok
20:08:38.0831 0x1c48  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:08:38.0840 0x1c48  Mcx2Svc - ok
20:08:38.0843 0x1c48  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:08:38.0849 0x1c48  megasas - ok
20:08:38.0857 0x1c48  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:08:38.0868 0x1c48  MegaSR - ok
20:08:38.0871 0x1c48  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
20:08:38.0877 0x1c48  MEIx64 - ok
20:08:38.0881 0x1c48  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:08:38.0903 0x1c48  MMCSS - ok
20:08:38.0907 0x1c48  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:08:38.0929 0x1c48  Modem - ok
20:08:38.0932 0x1c48  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:08:38.0941 0x1c48  monitor - ok
20:08:38.0945 0x1c48  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:08:38.0951 0x1c48  mouclass - ok
20:08:38.0954 0x1c48  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:08:38.0962 0x1c48  mouhid - ok
20:08:38.0966 0x1c48  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:08:38.0974 0x1c48  mountmgr - ok
20:08:38.0979 0x1c48  [ FD5E45969B82B83E33CB05B5C9B0E3F2, A6C21F7A0A97683DA50FC102131618CC1BE5CA0C3625D2FDAF5861B9B6523E45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:08:38.0987 0x1c48  MozillaMaintenance - ok
20:08:38.0992 0x1c48  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:08:39.0001 0x1c48  mpio - ok
20:08:39.0005 0x1c48  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:08:39.0028 0x1c48  mpsdrv - ok
20:08:39.0048 0x1c48  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:08:39.0086 0x1c48  MpsSvc - ok
20:08:39.0092 0x1c48  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:08:39.0102 0x1c48  MRxDAV - ok
20:08:39.0107 0x1c48  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:08:39.0118 0x1c48  mrxsmb - ok
20:08:39.0126 0x1c48  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:08:39.0139 0x1c48  mrxsmb10 - ok
20:08:39.0143 0x1c48  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:08:39.0152 0x1c48  mrxsmb20 - ok
20:08:39.0156 0x1c48  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:08:39.0163 0x1c48  msahci - ok
20:08:39.0168 0x1c48  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:08:39.0177 0x1c48  msdsm - ok
20:08:39.0181 0x1c48  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:08:39.0192 0x1c48  MSDTC - ok
20:08:39.0197 0x1c48  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:08:39.0219 0x1c48  Msfs - ok
20:08:39.0221 0x1c48  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:08:39.0242 0x1c48  mshidkmdf - ok
20:08:39.0245 0x1c48  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:08:39.0251 0x1c48  msisadrv - ok
20:08:39.0256 0x1c48  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:08:39.0285 0x1c48  MSiSCSI - ok
20:08:39.0288 0x1c48  msiserver - ok
20:08:39.0293 0x1c48  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:08:39.0316 0x1c48  MSKSSRV - ok
20:08:39.0319 0x1c48  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:08:39.0340 0x1c48  MSPCLOCK - ok
20:08:39.0343 0x1c48  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:08:39.0364 0x1c48  MSPQM - ok
20:08:39.0374 0x1c48  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:08:39.0387 0x1c48  MsRPC - ok
20:08:39.0391 0x1c48  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:08:39.0398 0x1c48  mssmbios - ok
20:08:39.0402 0x1c48  MSSQLSERVER - ok
20:08:39.0408 0x1c48  [ 04EF36EAF5C4DBCE424D81B76F1E9231, ABA97C3004903852357264291613649D823F5BB24806E6CF9952AB3AA0E97C15 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
20:08:39.0413 0x1c48  MSSQLServerADHelper100 - ok
20:08:39.0417 0x1c48  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:08:40.0188 0x1c48  MSTEE - ok
20:08:40.0191 0x1c48  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:08:40.0198 0x1c48  MTConfig - ok
20:08:40.0202 0x1c48  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:08:40.0209 0x1c48  Mup - ok
20:08:40.0218 0x1c48  [ 34D08C9C64F657D194961E96C47E9C69, FB56083CDF23E1601EC7EC5A74ADFFF1BE304BF4F4B485DE2E9609C5C14FACC4 ] mv91xx          C:\Windows\system32\DRIVERS\mv91xx.sys
20:08:40.0228 0x1c48  mv91xx - ok
20:08:40.0240 0x1c48  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:08:40.0270 0x1c48  napagent - ok
20:08:40.0279 0x1c48  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:08:40.0294 0x1c48  NativeWifiP - ok
20:08:40.0299 0x1c48  NAVENG - ok
20:08:40.0301 0x1c48  NAVEX15 - ok
20:08:40.0322 0x1c48  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:08:40.0350 0x1c48  NDIS - ok
20:08:40.0354 0x1c48  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:08:40.0374 0x1c48  NdisCap - ok
20:08:40.0378 0x1c48  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:08:40.0403 0x1c48  NdisTapi - ok
20:08:40.0407 0x1c48  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:08:40.0435 0x1c48  Ndisuio - ok
20:08:40.0443 0x1c48  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:08:40.0469 0x1c48  NdisWan - ok
20:08:40.0474 0x1c48  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:08:40.0498 0x1c48  NDProxy - ok
20:08:40.0501 0x1c48  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:08:40.0523 0x1c48  NetBIOS - ok
20:08:40.0531 0x1c48  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:08:40.0558 0x1c48  NetBT - ok
20:08:40.0561 0x1c48  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
20:08:40.0568 0x1c48  Netlogon - ok
20:08:40.0577 0x1c48  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:08:40.0609 0x1c48  Netman - ok
20:08:40.0615 0x1c48  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:08:40.0625 0x1c48  NetMsmqActivator - ok
20:08:40.0630 0x1c48  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:08:40.0638 0x1c48  NetPipeActivator - ok
20:08:40.0652 0x1c48  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:08:40.0684 0x1c48  netprofm - ok
20:08:40.0689 0x1c48  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:08:40.0697 0x1c48  NetTcpActivator - ok
20:08:40.0702 0x1c48  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:08:40.0710 0x1c48  NetTcpPortSharing - ok
20:08:40.0713 0x1c48  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:08:40.0719 0x1c48  nfrd960 - ok
20:08:40.0725 0x1c48  [ 43CF5D42FE4475E8E1E74BE484B7E33A, 92ADBB64797A3B7917F4B1313D6D6999B085E688C60F379C053FCFA5F635F968 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
20:08:40.0731 0x1c48  NIS - ok
20:08:40.0739 0x1c48  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:08:40.0752 0x1c48  NlaSvc - ok
20:08:40.0757 0x1c48  [ B3210ACD83AFD1BFFD4CEC2140700E89, F203464D57C2437D544BF968601E74980853B8AF2A52C956D663BDCAFD127F9A ] nldrv           C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys
20:08:40.0764 0x1c48  nldrv - ok
20:08:40.0772 0x1c48  [ A5F034A2D12675DD4BA53DA20C6EA822, 1C689CF8C3103AA6F4F9F76B6180D07444089E125236174A77B291A913EB7028 ] nlsvc           C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
20:08:40.0782 0x1c48  nlsvc - ok
20:08:40.0786 0x1c48  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:08:40.0811 0x1c48  Npfs - ok
20:08:40.0815 0x1c48  [ B785BC959F7B0514971A317CA86A2628, A282E67035D024D08C9F70D19B17A3CA5FC0424AD37C8FA0912DEFBF340A8FB0 ] npusbio         C:\Windows\system32\Drivers\npusbio_x64.sys
20:08:40.0824 0x1c48  npusbio - ok
20:08:40.0828 0x1c48  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:08:40.0849 0x1c48  nsi - ok
20:08:40.0853 0x1c48  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:08:40.0874 0x1c48  nsiproxy - ok
20:08:40.0909 0x1c48  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:08:40.0947 0x1c48  Ntfs - ok
20:08:40.0951 0x1c48  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:08:40.0974 0x1c48  Null - ok
20:08:40.0980 0x1c48  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
20:08:40.0987 0x1c48  nusb3hub - ok
20:08:40.0994 0x1c48  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:08:41.0003 0x1c48  nusb3xhc - ok
20:08:41.0010 0x1c48  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
20:08:41.0020 0x1c48  NVHDA - ok
20:08:41.0219 0x1c48  [ E99E8EAC89B75F422264C9710D96DDCB, 84B16FE66AE373A67493FF24AA7B598C407C19BCF6CAAEF6C6A722D923C559EA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:08:41.0438 0x1c48  nvlddmkm - ok
20:08:41.0483 0x1c48  [ C2909BD26906E1D05D77B1D48B48E94A, 5642571FFDBDC63F0E3B1477337103517ABF7C50EBEDA63EF8E162E44C7B2538 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:08:41.0525 0x1c48  NvNetworkService - ok
20:08:41.0532 0x1c48  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:08:41.0541 0x1c48  nvraid - ok
20:08:41.0547 0x1c48  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:08:41.0557 0x1c48  nvstor - ok
20:08:41.0562 0x1c48  [ 60C9EC53F9CFBFBE38E9C79B88A6B19F, D89D6C62AB0A3224D850B639E4D7D7265BF183BEE0C60F27FEDDF0194504B078 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:08:41.0567 0x1c48  NvStreamKms - ok
20:08:41.0668 0x1c48  [ 5A773713C332F8760ABB915C24675E8F, DA453D341529B34188D5B235B17BD0FDAE84129539FC212F34B9FCC42DC0549C ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
20:08:41.0780 0x1c48  NvStreamSvc - ok
20:08:41.0804 0x1c48  [ 6B245B7F96F901891636814B5A7A9088, BC6DF13929AEBA2CF5DC8449FF9D5F73497DF8E9760AFA93B56543D86BE940C3 ] NVSvc           C:\Windows\system32\nvvsvc.exe
20:08:41.0827 0x1c48  NVSvc - ok
20:08:41.0831 0x1c48  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
20:08:41.0838 0x1c48  nvvad_WaveExtensible - ok
20:08:41.0843 0x1c48  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:08:41.0852 0x1c48  nv_agp - ok
20:08:41.0856 0x1c48  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:08:41.0865 0x1c48  ohci1394 - ok
20:08:42.0012 0x1c48  [ 28DDD258E19923891AC9B1A95E3D0F44, F7FD0EEBEDCBE8C2AE0C6B191B047F88F9D9BD375B78CCA252A4C2E52D9622C1 ] Origin Client Service P:\Origin\OriginClientService.exe
20:08:42.0074 0x1c48  Origin Client Service - ok
20:08:42.0084 0x1c48  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:08:42.0103 0x1c48  p2pimsvc - ok
20:08:42.0114 0x1c48  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:08:42.0131 0x1c48  p2psvc - ok
20:08:42.0135 0x1c48  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:08:42.0143 0x1c48  Parport - ok
20:08:42.0147 0x1c48  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:08:42.0154 0x1c48  partmgr - ok
20:08:42.0160 0x1c48  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:08:42.0171 0x1c48  PcaSvc - ok
20:08:42.0178 0x1c48  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:08:42.0188 0x1c48  pci - ok
20:08:42.0191 0x1c48  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:08:42.0197 0x1c48  pciide - ok
20:08:42.0203 0x1c48  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:08:42.0213 0x1c48  pcmcia - ok
20:08:42.0217 0x1c48  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:08:42.0223 0x1c48  pcw - ok
20:08:42.0237 0x1c48  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:08:42.0257 0x1c48  PEAUTH - ok
20:08:42.0273 0x1c48  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:08:42.0282 0x1c48  PerfHost - ok
20:08:42.0316 0x1c48  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:08:42.0371 0x1c48  pla - ok
20:08:42.0383 0x1c48  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:08:42.0399 0x1c48  PlugPlay - ok
20:08:42.0401 0x1c48  PnkBstrA - ok
20:08:42.0404 0x1c48  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:08:42.0411 0x1c48  PNRPAutoReg - ok
20:08:42.0420 0x1c48  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:08:42.0433 0x1c48  PNRPsvc - ok
20:08:42.0445 0x1c48  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:08:42.0477 0x1c48  PolicyAgent - ok
20:08:42.0484 0x1c48  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:08:42.0509 0x1c48  Power - ok
20:08:42.0513 0x1c48  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:08:42.0535 0x1c48  PptpMiniport - ok
20:08:42.0540 0x1c48  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:08:42.0547 0x1c48  Processor - ok
20:08:42.0554 0x1c48  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:08:42.0565 0x1c48  ProfSvc - ok
20:08:42.0568 0x1c48  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:08:42.0575 0x1c48  ProtectedStorage - ok
20:08:42.0580 0x1c48  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:08:42.0602 0x1c48  Psched - ok
20:08:42.0631 0x1c48  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:08:42.0670 0x1c48  ql2300 - ok
20:08:42.0676 0x1c48  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:08:42.0684 0x1c48  ql40xx - ok
20:08:42.0692 0x1c48  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:08:42.0710 0x1c48  QWAVE - ok
20:08:42.0713 0x1c48  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:08:42.0729 0x1c48  QWAVEdrv - ok
20:08:42.0732 0x1c48  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:08:42.0753 0x1c48  RasAcd - ok
20:08:42.0756 0x1c48  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:08:42.0778 0x1c48  RasAgileVpn - ok
20:08:42.0782 0x1c48  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:08:42.0805 0x1c48  RasAuto - ok
20:08:42.0810 0x1c48  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:08:42.0833 0x1c48  Rasl2tp - ok
20:08:42.0842 0x1c48  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:08:42.0872 0x1c48  RasMan - ok
20:08:42.0876 0x1c48  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:08:42.0899 0x1c48  RasPppoe - ok
20:08:42.0903 0x1c48  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:08:42.0926 0x1c48  RasSstp - ok
20:08:42.0935 0x1c48  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:08:42.0962 0x1c48  rdbss - ok
20:08:42.0966 0x1c48  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:08:42.0974 0x1c48  rdpbus - ok
20:08:42.0977 0x1c48  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:08:42.0998 0x1c48  RDPCDD - ok
20:08:43.0002 0x1c48  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:08:43.0023 0x1c48  RDPENCDD - ok
20:08:43.0027 0x1c48  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:08:43.0048 0x1c48  RDPREFMP - ok
20:08:43.0053 0x1c48  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:08:43.0064 0x1c48  RdpVideoMiniport - ok
20:08:43.0071 0x1c48  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:08:43.0082 0x1c48  RDPWD - ok
20:08:43.0090 0x1c48  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:08:43.0101 0x1c48  rdyboost - ok
20:08:43.0106 0x1c48  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:08:43.0129 0x1c48  RemoteAccess - ok
20:08:43.0134 0x1c48  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:08:43.0159 0x1c48  RemoteRegistry - ok
20:08:43.0164 0x1c48  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:08:43.0175 0x1c48  RFCOMM - ok
20:08:43.0179 0x1c48  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:08:43.0202 0x1c48  RpcEptMapper - ok
20:08:43.0205 0x1c48  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:08:43.0214 0x1c48  RpcLocator - ok
20:08:43.0227 0x1c48  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:08:43.0257 0x1c48  RpcSs - ok
20:08:43.0266 0x1c48  [ A09C2B85CE70A076B5AA3B9DB50969C6, 6394DE0E4322463132E9496212DEAF686B66BC2D25D1AB4AA581C7D7309571F0 ] RsFx0151        C:\Windows\system32\DRIVERS\RsFx0151.sys
20:08:43.0278 0x1c48  RsFx0151 - ok
20:08:43.0283 0x1c48  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:08:43.0307 0x1c48  rspndr - ok
20:08:43.0310 0x1c48  [ 63A9F32EAFCE8D5D171FE189823A58E1, 3574E42EDBF9C583CDF3F525EC400D63860C54DA88EFB4E14548147DB0C182DE ] rzendpt         C:\Windows\system32\DRIVERS\rzendpt.sys
20:08:43.0316 0x1c48  rzendpt - ok
20:08:43.0321 0x1c48  [ 6A0C6BAE535BB5FFE6FBCB48023B77C0, C0BA911D94DFAEBE3DA76AA6B91B840F6A05BE10C4A8A6BA0800992E0F5D5324 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
20:08:43.0329 0x1c48  rzudd - ok
20:08:43.0336 0x1c48  [ 7AFE621DF3C8BEE6C88ACC5CE1D01BAE, 23182E674597F19B5A78618E3B1E1E267CFB4629DA6DB1EB5808AD8082E7AF05 ] SaiDOutput      C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe
20:08:43.0344 0x1c48  SaiDOutput - detected UnsignedFile.Multi.Generic ( 1 )
20:08:46.0370 0x1c48  Detect skipped due to KSN trusted
20:08:46.0370 0x1c48  SaiDOutput - ok
20:08:46.0376 0x1c48  [ CF0E5155A089C7C8D7CFD9D1088AFDA4, 62954D7DF0075A936F4835AC67C2298371BA0E4EF893CC5365D3F95CCD877B09 ] SaiH0762        C:\Windows\system32\DRIVERS\SaiH0762.sys
20:08:46.0385 0x1c48  SaiH0762 - ok
20:08:46.0390 0x1c48  [ 45C0B193065219189772A038E6C29D49, 6739106149036A95AF7E018B364B6EA06CC7FD6B9D6AA6014973FF1EE9356E88 ] SaiH0763        C:\Windows\system32\DRIVERS\SaiH0763.sys
20:08:46.0398 0x1c48  SaiH0763 - ok
20:08:46.0401 0x1c48  [ A80E47F2316CED3BB54C05AF016915F2, D8FE6F12B1B9A8B8033D9D6A1F832C2948E765BD20E1C9FF7DD431A26CFBD1AC ] SaiMini         C:\Windows\system32\DRIVERS\SaiMini.sys
20:08:46.0407 0x1c48  SaiMini - ok
20:08:46.0411 0x1c48  [ A5AF334FEE9B4FB4523C3B016F7FFACC, 94EC0E88347E8667E6A905F35CA88FEF7075A7D12BA83F2A2C90F9469BD5C827 ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
20:08:46.0416 0x1c48  SaiNtBus - ok
20:08:46.0419 0x1c48  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs           C:\Windows\system32\lsass.exe
20:08:46.0426 0x1c48  SamSs - ok
20:08:46.0431 0x1c48  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:08:46.0438 0x1c48  sbp2port - ok
20:08:46.0446 0x1c48  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:08:46.0471 0x1c48  SCardSvr - ok
20:08:46.0475 0x1c48  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:08:46.0496 0x1c48  scfilter - ok
20:08:46.0519 0x1c48  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
20:08:46.0547 0x1c48  Schedule - ok
20:08:46.0552 0x1c48  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:08:46.0574 0x1c48  SCPolicySvc - ok
20:08:46.0581 0x1c48  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:08:46.0594 0x1c48  SDRSVC - ok
20:08:46.0597 0x1c48  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:08:46.0604 0x1c48  secdrv - ok
20:08:46.0608 0x1c48  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:08:46.0629 0x1c48  seclogon - ok
20:08:46.0633 0x1c48  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:08:46.0656 0x1c48  SENS - ok
20:08:46.0659 0x1c48  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:08:46.0668 0x1c48  SensrSvc - ok
20:08:46.0671 0x1c48  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:08:46.0678 0x1c48  Serenum - ok
20:08:46.0683 0x1c48  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:08:46.0691 0x1c48  Serial - ok
20:08:46.0695 0x1c48  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:08:46.0702 0x1c48  sermouse - ok
20:08:46.0711 0x1c48  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:08:46.0735 0x1c48  SessionEnv - ok
20:08:46.0738 0x1c48  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:08:46.0745 0x1c48  sffdisk - ok
20:08:46.0750 0x1c48  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:08:46.0757 0x1c48  sffp_mmc - ok
20:08:46.0760 0x1c48  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:08:46.0769 0x1c48  sffp_sd - ok
20:08:46.0773 0x1c48  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:08:46.0782 0x1c48  sfloppy - ok
20:08:46.0792 0x1c48  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:08:46.0821 0x1c48  SharedAccess - ok
20:08:46.0832 0x1c48  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:08:46.0861 0x1c48  ShellHWDetection - ok
20:08:46.0864 0x1c48  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:08:46.0871 0x1c48  SiSRaid2 - ok
20:08:46.0875 0x1c48  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:08:46.0882 0x1c48  SiSRaid4 - ok
20:08:46.0890 0x1c48  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:08:46.0903 0x1c48  SkypeUpdate - ok
20:08:46.0907 0x1c48  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:08:46.0929 0x1c48  Smb - ok
20:08:46.0935 0x1c48  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:08:46.0944 0x1c48  SNMPTRAP - ok
20:08:46.0948 0x1c48  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
20:08:46.0954 0x1c48  speedfan - ok
20:08:46.0957 0x1c48  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:08:46.0962 0x1c48  spldr - ok
20:08:46.0975 0x1c48  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:08:46.0995 0x1c48  Spooler - ok
20:08:47.0069 0x1c48  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:08:47.0164 0x1c48  sppsvc - ok
20:08:47.0171 0x1c48  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:08:47.0193 0x1c48  sppuinotify - ok
20:08:47.0201 0x1c48  [ 7D67C07C63796775CC5492BCFEAFF125, BAEFF806F656FA252D1DBC1E21603CF5F7D54C5AFB3FC91F2723729A7740DF8A ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:08:47.0211 0x1c48  SQLBrowser - ok
20:08:47.0223 0x1c48  [ 3420E0482AD95120B471B7328A8D7D08, D3D8C45EC601B59ACBE7FE76B7C8478256DD29ADBF9A22938BFD4098E593B682 ] SQLSERVERAGENT  C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
20:08:47.0236 0x1c48  SQLSERVERAGENT - ok
20:08:47.0243 0x1c48  [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:08:47.0250 0x1c48  SQLWriter - ok
20:08:47.0261 0x1c48  [ 6820B710C7225D489223D4A6E1AC3E16, F3E5F6020CCDACA2568F95A0EFFE6432129756EE8136B5D03E629F365102C724 ] SRTSP           C:\Windows\system32\drivers\NISx64\1105000.07F\SRTSP64.SYS
20:08:47.0276 0x1c48  SRTSP - ok
20:08:47.0279 0x1c48  [ 7159E3DEA683FD88C10DA6CF9997162F, 08A638F12E6B9912D9D6A9594A32D22FC87D1205011EEB160C66F7C4E64246B1 ] SRTSPX          C:\Windows\system32\drivers\NISx64\1105000.07F\SRTSPX64.SYS
20:08:47.0284 0x1c48  SRTSPX - ok
20:08:47.0296 0x1c48  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:08:47.0312 0x1c48  srv - ok
20:08:47.0322 0x1c48  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:08:47.0337 0x1c48  srv2 - ok
20:08:47.0342 0x1c48  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:08:47.0353 0x1c48  srvnet - ok
20:08:47.0359 0x1c48  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:08:47.0385 0x1c48  SSDPSRV - ok
20:08:47.0389 0x1c48  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:08:47.0412 0x1c48  SstpSvc - ok
20:08:47.0430 0x1c48  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:08:47.0450 0x1c48  Steam Client Service - ok
20:08:47.0462 0x1c48  [ C368FAF3084E3978462159F1DDAFF54F, F7DD88038E002EF3D2BCA648FE7CF0F92347E901C5F495D8D8E4D24076E895CD ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:08:47.0475 0x1c48  Stereo Service - ok
20:08:47.0478 0x1c48  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:08:47.0484 0x1c48  stexstor - ok
20:08:47.0497 0x1c48  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:08:47.0521 0x1c48  stisvc - ok
20:08:47.0524 0x1c48  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:08:47.0530 0x1c48  swenum - ok
20:08:47.0542 0x1c48  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:08:47.0576 0x1c48  swprv - ok
20:08:47.0613 0x1c48  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
20:08:47.0657 0x1c48  SysMain - ok
20:08:47.0663 0x1c48  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:08:47.0675 0x1c48  TabletInputService - ok
20:08:47.0683 0x1c48  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:08:47.0710 0x1c48  TapiSrv - ok
20:08:47.0714 0x1c48  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:08:47.0736 0x1c48  TBS - ok
20:08:47.0776 0x1c48  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:08:47.0820 0x1c48  Tcpip - ok
20:08:47.0860 0x1c48  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:08:47.0898 0x1c48  TCPIP6 - ok
20:08:47.0904 0x1c48  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:08:47.0912 0x1c48  tcpipreg - ok
20:08:47.0915 0x1c48  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:08:47.0924 0x1c48  TDPIPE - ok
20:08:47.0928 0x1c48  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:08:47.0936 0x1c48  TDTCP - ok
20:08:47.0940 0x1c48  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:08:47.0948 0x1c48  tdx - ok
20:08:47.0952 0x1c48  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:08:47.0959 0x1c48  TermDD - ok
20:08:47.0973 0x1c48  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
20:08:47.0995 0x1c48  TermService - ok
20:08:47.0998 0x1c48  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:08:48.0010 0x1c48  Themes - ok
20:08:48.0013 0x1c48  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:08:48.0035 0x1c48  THREADORDER - ok
20:08:48.0040 0x1c48  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:08:48.0064 0x1c48  TrkWks - ok
20:08:48.0070 0x1c48  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:08:48.0095 0x1c48  TrustedInstaller - ok
20:08:48.0099 0x1c48  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:08:48.0106 0x1c48  tssecsrv - ok
20:08:48.0110 0x1c48  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:08:48.0119 0x1c48  TsUsbFlt - ok
20:08:48.0124 0x1c48  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:08:48.0147 0x1c48  tunnel - ok
20:08:48.0152 0x1c48  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:08:48.0159 0x1c48  uagp35 - ok
20:08:48.0168 0x1c48  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:08:48.0196 0x1c48  udfs - ok
20:08:48.0202 0x1c48  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:08:48.0211 0x1c48  UI0Detect - ok
20:08:48.0214 0x1c48  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:08:48.0221 0x1c48  uliagpkx - ok
20:08:48.0224 0x1c48  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:08:48.0232 0x1c48  umbus - ok
20:08:48.0235 0x1c48  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:08:48.0242 0x1c48  UmPass - ok
20:08:48.0251 0x1c48  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:08:48.0279 0x1c48  upnphost - ok
20:08:48.0284 0x1c48  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:08:48.0294 0x1c48  usbaudio - ok
20:08:48.0298 0x1c48  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:08:48.0307 0x1c48  usbccgp - ok
20:08:48.0311 0x1c48  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:08:48.0321 0x1c48  usbcir - ok
20:08:48.0324 0x1c48  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:08:48.0332 0x1c48  usbehci - ok
20:08:48.0342 0x1c48  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:08:48.0355 0x1c48  usbhub - ok
20:08:48.0359 0x1c48  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:08:48.0366 0x1c48  usbohci - ok
20:08:48.0370 0x1c48  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:08:48.0378 0x1c48  usbprint - ok
20:08:48.0382 0x1c48  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:08:48.0393 0x1c48  USBSTOR - ok
20:08:48.0396 0x1c48  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:08:48.0403 0x1c48  usbuhci - ok
20:08:48.0409 0x1c48  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:08:48.0419 0x1c48  usbvideo - ok
20:08:48.0422 0x1c48  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:08:48.0445 0x1c48  UxSms - ok
20:08:48.0448 0x1c48  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
20:08:48.0455 0x1c48  VaultSvc - ok
20:08:48.0459 0x1c48  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:08:48.0465 0x1c48  vdrvroot - ok
20:08:48.0477 0x1c48  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:08:48.0510 0x1c48  vds - ok
20:08:48.0514 0x1c48  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:08:48.0522 0x1c48  vga - ok
20:08:48.0526 0x1c48  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:08:48.0548 0x1c48  VgaSave - ok
20:08:48.0554 0x1c48  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:08:48.0565 0x1c48  vhdmp - ok
20:08:48.0569 0x1c48  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:08:48.0575 0x1c48  viaide - ok
20:08:48.0581 0x1c48  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:08:48.0588 0x1c48  volmgr - ok
20:08:48.0600 0x1c48  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:08:48.0614 0x1c48  volmgrx - ok
20:08:48.0623 0x1c48  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:08:48.0636 0x1c48  volsnap - ok
20:08:48.0650 0x1c48  [ 0B0772247B85FC844A06498386E32F59, 47FBF825649C78E52A13EBD06336209C15414293A414757CF424E4B4490319BA ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
20:08:48.0666 0x1c48  vpnagent - ok
20:08:48.0671 0x1c48  [ 5932B2999AEF21C4599A792599F28D89, 78B2842BA71F9DAB5BB64BA4AB97BD19DEEFB075F83D735244906D046E78B2DC ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
20:08:48.0677 0x1c48  vpnva - ok
20:08:48.0683 0x1c48  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:08:48.0693 0x1c48  vsmraid - ok
20:08:48.0726 0x1c48  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:08:48.0778 0x1c48  VSS - ok
20:08:48.0782 0x1c48  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
20:08:48.0790 0x1c48  vwifibus - ok
20:08:48.0800 0x1c48  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:08:48.0828 0x1c48  W32Time - ok
20:08:48.0833 0x1c48  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:08:48.0839 0x1c48  WacomPen - ok
20:08:48.0844 0x1c48  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:08:48.0866 0x1c48  WANARP - ok
20:08:48.0870 0x1c48  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:08:48.0891 0x1c48  Wanarpv6 - ok
20:08:48.0916 0x1c48  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:08:48.0947 0x1c48  WatAdminSvc - ok
20:08:48.0981 0x1c48  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:08:49.0022 0x1c48  wbengine - ok
20:08:49.0029 0x1c48  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:08:49.0044 0x1c48  WbioSrvc - ok
20:08:49.0053 0x1c48  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:08:49.0071 0x1c48  wcncsvc - ok
20:08:49.0075 0x1c48  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:08:49.0084 0x1c48  WcsPlugInService - ok
20:08:49.0087 0x1c48  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:08:49.0092 0x1c48  Wd - ok
20:08:49.0109 0x1c48  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:08:49.0131 0x1c48  Wdf01000 - ok
20:08:49.0135 0x1c48  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:08:49.0145 0x1c48  WdiServiceHost - ok
20:08:49.0148 0x1c48  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:08:49.0156 0x1c48  WdiSystemHost - ok
20:08:49.0163 0x1c48  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
20:08:49.0175 0x1c48  WebClient - ok
20:08:49.0183 0x1c48  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:08:49.0196 0x23b4  Object required for P2P: [ 467E489AB87260D6035F9F4C8F28D15A ] Hamachi2Svc
20:08:49.0215 0x1c48  Wecsvc - ok
20:08:49.0219 0x1c48  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:08:49.0243 0x1c48  wercplsupport - ok
20:08:49.0247 0x1c48  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:08:49.0270 0x1c48  WerSvc - ok
20:08:49.0273 0x1c48  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:08:49.0298 0x1c48  WfpLwf - ok
20:08:49.0301 0x1c48  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:08:49.0306 0x1c48  WIMMount - ok
20:08:49.0309 0x1c48  WinDefend - ok
20:08:49.0314 0x1c48  WinHttpAutoProxySvc - ok
20:08:49.0324 0x1c48  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:08:49.0350 0x1c48  Winmgmt - ok
20:08:49.0393 0x1c48  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
20:08:49.0443 0x1c48  WinRM - ok
20:08:49.0451 0x1c48  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:08:49.0460 0x1c48  WinUsb - ok
20:08:49.0478 0x1c48  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:08:49.0506 0x1c48  Wlansvc - ok
20:08:49.0554 0x1c48  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:08:49.0606 0x1c48  wlidsvc - ok
20:08:49.0611 0x1c48  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
20:08:49.0616 0x1c48  WmBEnum - ok
20:08:49.0619 0x1c48  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
20:08:49.0624 0x1c48  WmFilter - ok
20:08:49.0628 0x1c48  [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo         C:\Windows\system32\drivers\WmHidLo.sys
20:08:49.0633 0x1c48  WmHidLo - ok
20:08:49.0636 0x1c48  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:08:49.0643 0x1c48  WmiAcpi - ok
20:08:49.0650 0x1c48  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:08:49.0661 0x1c48  wmiApSrv - ok
20:08:49.0664 0x1c48  WMPNetworkSvc - ok
20:08:49.0667 0x1c48  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
20:08:49.0672 0x1c48  WmVirHid - ok
20:08:49.0676 0x1c48  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
20:08:49.0682 0x1c48  WmXlCore - ok
20:08:49.0685 0x1c48  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:08:49.0693 0x1c48  WPCSvc - ok
20:08:49.0698 0x1c48  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:08:49.0713 0x1c48  WPDBusEnum - ok
20:08:49.0716 0x1c48  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:08:49.0737 0x1c48  ws2ifsl - ok
20:08:49.0742 0x1c48  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:08:49.0754 0x1c48  wscsvc - ok
20:08:49.0756 0x1c48  WSearch - ok
20:08:49.0805 0x1c48  [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:08:49.0864 0x1c48  wuauserv - ok
20:08:49.0870 0x1c48  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:08:49.0879 0x1c48  WudfPf - ok
20:08:49.0886 0x1c48  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:08:49.0896 0x1c48  WUDFRd - ok
20:08:49.0900 0x1c48  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:08:49.0910 0x1c48  wudfsvc - ok
20:08:49.0916 0x1c48  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:08:49.0931 0x1c48  WwanSvc - ok
20:08:49.0934 0x1c48  [ F3D7F968E6A4A37F6BBC1F4B737E6C41, 92B39BEB51BC38EE19B8A3D8DBC67AEFA71EFF6642B6338FF0749053A939E4DB ] XFDriver64      C:\Program Files\Xfire2\XFDriver64.sys
20:08:49.0940 0x1c48  XFDriver64 - ok
20:08:49.0942 0x1c48  xhunter1 - ok
20:08:49.0959 0x1c48  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
20:08:49.0982 0x1c48  xnacc - ok
20:08:49.0986 0x1c48  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
20:08:49.0993 0x1c48  xusb21 - ok
20:08:50.0000 0x1c48  ================ Scan global ===============================
20:08:50.0003 0x1c48  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
20:08:50.0009 0x1c48  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
20:08:50.0019 0x1c48  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
20:08:50.0025 0x1c48  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:08:50.0033 0x1c48  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:08:50.0040 0x1c48  [ Global ] - ok
20:08:50.0040 0x1c48  ================ Scan MBR ==================================
20:08:50.0042 0x1c48  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:08:50.0071 0x1c48  \Device\Harddisk1\DR1 - ok
20:08:50.0073 0x1c48  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
20:08:50.0096 0x1c48  \Device\Harddisk2\DR2 - ok
20:08:50.0124 0x1c48  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:08:50.0351 0x1c48  \Device\Harddisk0\DR0 - ok
20:08:50.0814 0x1c48  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk3\DR3
20:08:50.0914 0x1c48  \Device\Harddisk3\DR3 - ok
20:08:50.0915 0x1c48  ================ Scan VBR ==================================
20:08:50.0916 0x1c48  [ 6EF0D4B0AAD119C7A26E9B6CE7498CC4 ] \Device\Harddisk1\DR1\Partition1
20:08:50.0941 0x1c48  \Device\Harddisk1\DR1\Partition1 - ok
20:08:50.0948 0x1c48  [ FD271D9A691BB6DCA8AF7D69EFB67F3C ] \Device\Harddisk2\DR2\Partition1
20:08:50.0988 0x1c48  \Device\Harddisk2\DR2\Partition1 - ok
20:08:50.0998 0x1c48  [ C99D45CB0E0D5617208752FFEDDBA340 ] \Device\Harddisk2\DR2\Partition2
20:08:51.0038 0x1c48  \Device\Harddisk2\DR2\Partition2 - ok
20:08:51.0040 0x1c48  [ F2A046E59111836FB8F65F2B9DA4A615 ] \Device\Harddisk0\DR0\Partition1
20:08:51.0102 0x1c48  \Device\Harddisk0\DR0\Partition1 - ok
20:08:51.0105 0x1c48  [ 6706EF1F363A37F6FE3AEB3E6E75F52A ] \Device\Harddisk3\DR3\Partition1
20:08:51.0162 0x1c48  \Device\Harddisk3\DR3\Partition1 - ok
20:08:51.0163 0x1c48  ================ Scan generic autorun ======================
20:08:52.0076 0x1c48  [ 72CD24BCDCAEABAC39CC4F10BAC97C22, E300BD5480259C7DFC2ED25D1CBF246CF1BE0FFEB0A060CABEC4BD15FA8FAFFE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:08:52.0350 0x1c48  RtHDVCpl - ok
20:08:52.0372 0x1c48  [ F7123DD08DB0E254C62DB2B65FFE010C, 22638D929369244ADB68C10EC945B2BE2062E0DD59AB37D9A4B862D8BC55FBD8 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
20:08:52.0389 0x1c48  AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
20:08:52.0614 0x23b4  Object send P2P result: true
20:08:52.0616 0x23b4  Object required for P2P: [ 6212B1D43C387AB2AD64585FEC5CFBBC ] iRacingService
20:08:55.0412 0x1c48  Detect skipped due to KSN trusted
20:08:55.0412 0x1c48  AtherosBtStack - ok
20:08:55.0422 0x1c48  [ 91894B8CCED018B2567C99F8F729F3D6, 5678B36722FB270B917F9E23A9CF7C8863B71665D2C81681F2D02C93CDF07739 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
20:08:55.0434 0x1c48  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
20:08:56.0129 0x23b4  Object send P2P result: true
20:08:56.0136 0x23b4  Object required for P2P: [ 6B245B7F96F901891636814B5A7A9088 ] NVSvc
20:09:05.0478 0x1c48  AthBtTray ( UnsignedFile.Multi.Generic ) - warning
20:09:05.0478 0x1c48  Force sending object to P2P due to detect: C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
20:09:14.0243 0x23b4  Object send P2P result: true
20:09:14.0243 0x1c48  Object send P2P result: true
20:09:27.0762 0x1c48  [ 0C4C8A1A9D5EDDE3D04045565B04662E, CEBD59631E869422998BDB40ACC3B0537BBDE536EEDC2BB3E9BF5295C32789AC ] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
20:09:27.0774 0x1c48  ProfilerU - detected UnsignedFile.Multi.Generic ( 1 )
20:09:30.0713 0x1c48  ProfilerU ( UnsignedFile.Multi.Generic ) - warning
20:09:33.0810 0x1c48  [ E24A7EAF81D78FBB492CB66B2FF05AB4, 3C9CEE9660752F2E0E8893A11565278677B12C367B948958A57D1139A74960C0 ] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
20:09:33.0816 0x1c48  SaiMfd - detected UnsignedFile.Multi.Generic ( 1 )
20:09:36.0730 0x1c48  SaiMfd ( UnsignedFile.Multi.Generic ) - warning
20:09:39.0812 0x1c48  Nvtmru - ok
20:09:39.0826 0x1c48  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
20:09:39.0841 0x1c48  AdobeAAMUpdater-1.0 - ok
20:09:39.0848 0x1c48  [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
20:09:39.0856 0x1c48  Start WingMan Profiler - ok
20:09:39.0859 0x1c48  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:09:39.0868 0x1c48  ShadowPlay - ok
20:09:39.0918 0x1c48  [ 6BE70A935DFD72F47C29757305B50B1E, 6E76D7CA8C417750C2AFAD45344F5863CEA7798A2993716E21DE1997789D1746 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:09:39.0979 0x1c48  NvBackend - ok
20:09:39.0984 0x1c48  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
20:09:39.0990 0x1c48  NUSB3MON - ok
20:09:39.0993 0x1c48  [ 17D9440D55500418C8FDB8EF1390C5AD, C4C57AE427FB89EFDFC1D111C300BB588E475BE90DD57084C03399557641F948 ] C:\Windows\RaidTool\xInsIDE.exe
20:09:39.0999 0x1c48  JMB36X IDE Setup - ok
20:09:40.0022 0x1c48  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:09:40.0054 0x1c48  Sidebar - ok
20:09:40.0059 0x1c48  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:09:40.0070 0x1c48  mctadmin - ok
20:09:40.0095 0x1c48  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:09:40.0120 0x1c48  Sidebar - ok
20:09:40.0124 0x1c48  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:09:40.0134 0x1c48  mctadmin - ok
20:09:40.0354 0x1c48  [ C18CD08106E0650AA63F8A403DE797B2, 7F64C17ADE13996A57D5FAE41405458DFDB8DC63366710B75B610345D92F81FA ] P:\DisplayFusion\DisplayFusion.exe
20:09:40.0578 0x1c48  DisplayFusion - ok
20:09:40.0704 0x1c48  [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] F:\Steam\steam.exe
20:09:40.0969 0x1c48  Steam - ok
20:09:40.0977 0x1c48  [ E373BB9177F997035D9A00D6F1C7A2F7, 6D59E3C18A10DDF3E8197C4083F18BD44A7CE4216C6BF9E037FEE1F5FAC32A10 ] C:\Program Files (x86)\Trading Paints\Trading Paints.exe
20:09:40.0988 0x1c48  Trading Paints - ok
20:09:41.0244 0x1c48  [ 7C0E84B6E97C6555EB2C527EFD33D1FE, C3B0FD7814A7F3EEB01C4F34170B412141C49CAE8E3630764EFF4B2EC9B88349 ] C:\Program Files (x86)\NaturalPoint\TrackIR5\TrackIR5.exe
20:09:41.0504 0x1c48  NaturalPoint - ok
20:09:41.0539 0x1c48  RocketDock - ok
20:09:41.0570 0x1c48  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\MrDyll\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
20:09:41.0602 0x1c48  Spotify Web Helper - ok
20:09:41.0634 0x1c48  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
20:09:41.0670 0x1c48  Sidebar - ok
20:09:41.0674 0x1c48  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:09:41.0682 0x1c48  RSA2689935443 - ok
20:09:41.0683 0x1c48  Waiting for KSN requests completion. In queue: 17
20:09:42.0683 0x1c48  Waiting for KSN requests completion. In queue: 17
20:09:43.0683 0x1c48  Waiting for KSN requests completion. In queue: 17
20:09:44.0616 0x2250  Object required for P2P: [ 5353A34090BABE3CD48B70569AF0DD12 ] F:\Steam\steam.exe
20:09:44.0683 0x1c48  Waiting for KSN requests completion. In queue: 5
20:09:45.0683 0x1c48  Waiting for KSN requests completion. In queue: 5
20:09:46.0683 0x1c48  Waiting for KSN requests completion. In queue: 5
20:09:47.0683 0x1c48  Waiting for KSN requests completion. In queue: 5
20:09:48.0026 0x2250  Object send P2P result: true
20:09:48.0698 0x1c48  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\WSCStub.exe ( 17.5.0.0 ), 0x50000 ( disabled : updated )
20:09:48.0698 0x1c48  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\WSCStub.exe ( 17.5.0.0 ), 0x50010 ( disabled )
20:09:48.0703 0x1c48  Win FW state via NFP2: enabled ( trusted )
20:09:51.0763 0x1c48  ============================================================
20:09:51.0763 0x1c48  Scan finished
20:09:51.0763 0x1c48  ============================================================
20:09:51.0769 0x1b7c  Detected object count: 3
20:09:51.0769 0x1b7c  Actual detected object count: 3
20:10:18.0553 0x1b7c  AthBtTray ( UnsignedFile.Multi.Generic ) - skipped by user
20:10:18.0553 0x1b7c  AthBtTray ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:10:18.0553 0x1b7c  ProfilerU ( UnsignedFile.Multi.Generic ) - skipped by user
20:10:18.0553 0x1b7c  ProfilerU ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:10:18.0554 0x1b7c  SaiMfd ( UnsignedFile.Multi.Generic ) - skipped by user
20:10:18.0554 0x1b7c  SaiMfd ( UnsignedFile.Multi.Generic ) - User select action: Skip 


#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:17 PM

Posted 04 December 2015 - 04:47 AM

Please try to run Malwarebytes now.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 MrDyll

MrDyll
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 04 December 2015 - 05:05 AM

I can run it, can I remove the threats detected?

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 04-Dec-15
Scan Time: 8:57 PM
Logfile: 
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.12.04.01
Rootkit Database: v2015.11.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: MrDyll
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 367094
Time Elapsed: 4 min, 45 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 1
Trojan.Rovnix, HKU\S-1-5-21-298172238-1706896589-3872219730-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|RSA2689935443, C:\Windows\system32\rundll32.exe "C:\Users\MrDyll\AppData\Roaming\Microsoft\Crypto\RSA\RSA2689935443.dll",DllInitialize, , [16fbdac7dbb0a393d5401a348d74a45c]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
Trojan.Rovnix, C:\Users\MrDyll\AppData\Roaming\Microsoft\Crypto\RSA\RSA2689935443.dll, , [16fbdac7dbb0a393d5401a348d74a45c], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:17 PM

Posted 04 December 2015 - 01:32 PM

warning.gif Malware Warning

If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, Email, eBay, Paypal, online forums, etc).

Please run Malwarebytes with rootkit-detection.

Step 1

v21logo.PNG

Scan with Malwarebytes Anti-Malware.

  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
    m21p.png
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].

mbamv21.gif

Step 2

roveng1.png
Please download Rovnixcleaner (by ESET) and save it to your Desktop.

  • Right-click onroveng2.png and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Click Yes when prompted by User Account Control.
  • The tool will scan your system and close automatically with the "Win32/Rovnix was not found on your system." message if no threats are present. If a threat is found, press Y and follow the on-screen prompts to clean your system.
  • A computer restart will be performed when the tool finishes running. The tool will produce also a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

re1.png
re2.png


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#13 MrDyll

MrDyll
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 04 December 2015 - 05:47 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 05-Dec-15
Scan Time: 9:35 AM
Logfile: mbam remove results.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.12.04.06
Rootkit Database: v2015.11.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: MrDyll
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 391343
Time Elapsed: 9 min, 11 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 1
Trojan.Rovnix, HKU\S-1-5-21-298172238-1706896589-3872219730-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|RSA2689935443, C:\Windows\system32\rundll32.exe "C:\Users\MrDyll\AppData\Roaming\Microsoft\Crypto\RSA\RSA2689935443.dll",DllInitialize, Quarantined, [f81e1e83dead1521b4a8aea0f80953ad]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
Trojan.Rovnix, C:\Users\MrDyll\AppData\Roaming\Microsoft\Crypto\RSA\RSA2689935443.dll, Delete-on-Reboot, [f81e1e83dead1521b4a8aea0f80953ad], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
The second program did not find anything.
 
[2015.12.05 09:46:05.033] - Begin
[2015.12.05 09:46:05.033] - 
[2015.12.05 09:46:05.033] -     ....................................
[2015.12.05 09:46:05.034] -   ..::::::::::::::::::....................
[2015.12.05 09:46:05.034] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Rovnix
[2015.12.05 09:46:05.036] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.1.0.2
[2015.12.05 09:46:05.036] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Nov 24 2014
[2015.12.05 09:46:05.037] -  .::EE:::::::::::::SS:.EE..........TT......
[2015.12.05 09:46:05.037] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2015.12.05 09:46:05.038] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2015.12.05 09:46:05.038] -     ....................................
[2015.12.05 09:46:05.038] - 
[2015.12.05 09:46:05.038] - --------------------------------------------------------------------------------
[2015.12.05 09:46:05.038] - 
[2015.12.05 09:46:05.039] - INFO: OS: 6.1.7601 SP1
[2015.12.05 09:46:05.039] - INFO: Product Type: Workstation
[2015.12.05 09:46:05.039] - INFO: WoW64: True
[2015.12.05 09:46:05.039] - INFO: Machine guid: 8E2791E3-F1A7-44AE-A320-706B526D849F 
[2015.12.05 09:46:05.039] - 
[2015.12.05 09:46:05.040] - INFO: Scanning for system infection...
[2015.12.05 09:46:05.040] - --------------------------------------------------------------------------------
[2015.12.05 09:46:05.040] - 
[2015.12.05 09:46:05.040] - INFO: INF_PASI3 - 0x00000000...
[2015.12.05 09:46:05.040] - INFO: ESET Cleaner Service initialized successfully.
[2015.12.05 09:46:05.040] - 
[2015.12.05 09:46:05.040] - --------------------------------------------------------------------------------
[2015.12.05 09:46:05.040] - INFO: Checking active infection...
[2015.12.05 09:46:05.040] - 
[2015.12.05 09:46:05.040] - INFO: INF_PASGSH2 - 0x00000000...
[2015.12.05 09:46:05.040] - INFO: INF_PASGSH3 - 0x00000000...
[2015.12.05 09:46:05.040] - --------------------------------------------------------------------------------
[2015.12.05 09:46:05.040] - INFO: Checking inactive infection...
[2015.12.05 09:46:05.040] - 
[2015.12.05 09:46:05.040] - INFO: CHECKING DISK NO - 0 | TYPE - 7 | SIZE - 0xE8E088AF(1863GB)
[2015.12.05 09:46:05.041] - INFO: -> PARTITION NO - 0 | TYPE - 0x07 | BOOTABLE - True | STARTING LBA - 0x00000800 | SIZE - 0xE8E07800 (1863GB)
[2015.12.05 09:46:05.041] - 
[2015.12.05 09:46:05.045] - INFO:   00000001: passed...
[2015.12.05 09:46:05.045] - 
[2015.12.05 09:46:05.046] - INFO: CHECKING DISK NO - 1 | TYPE - 7 | SIZE - 0x74706DAF(931GB)
[2015.12.05 09:46:05.057] - INFO: -> PARTITION NO - 0 | TYPE - 0x07 | BOOTABLE - False | STARTING LBA - 0x00000800 | SIZE - 0x74705800 (931GB)
[2015.12.05 09:46:05.057] - 
[2015.12.05 09:46:05.066] - INFO:   00000001: passed...
[2015.12.05 09:46:05.066] - 
[2015.12.05 09:46:05.066] - INFO: INF_DIDBD02...
[2015.12.05 09:46:05.066] - INFO: CHECKING DISK NO - 2 | TYPE - 7 | SIZE - 0x0DF94BAF(111GB)
[2015.12.05 09:46:05.066] - INFO: -> PARTITION NO - 0 | TYPE - 0x07 | BOOTABLE - True | STARTING LBA - 0x00000800 | SIZE - 0x00032000 (100MB)
[2015.12.05 09:46:05.066] - INFO: -> PARTITION NO - 1 | TYPE - 0x07 | BOOTABLE - False | STARTING LBA - 0x00032800 | SIZE - 0x0DF61800 (111GB)
[2015.12.05 09:46:05.066] - 
[2015.12.05 09:46:05.072] - INFO:   00000001: passed...
[2015.12.05 09:46:05.073] - INFO:   00000400: passed...
[2015.12.05 09:46:05.073] - 
[2015.12.05 09:46:05.074] - INFO: CHECKING DISK NO - 3 | TYPE - 7 | SIZE - 0x74706DAF(931GB)
[2015.12.05 09:46:05.085] - INFO: -> PARTITION NO - 0 | TYPE - 0x0C | BOOTABLE - False | STARTING LBA - 0x0000003F | SIZE - 0x74705982 (931GB)
[2015.12.05 09:46:05.085] - 
[2015.12.05 09:46:05.090] - INFO:   00000001: passed...
[2015.12.05 09:46:05.091] - 
[2015.12.05 09:46:05.091] - INFO: INF_DIDBD02...
[2015.12.05 09:46:05.091] - --------------------------------------------------------------------------------
[2015.12.05 09:46:05.091] - INFO: Win32/Rovnix not found
[2015.12.05 09:46:22.901] - End
 


#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:17 PM

Posted 04 December 2015 - 06:44 PM

Step 1

Upload File(s) to virustotal.png
I want you to upload the following file(s) to an online virus-scanner to scan.
  • Click the Choose File button.
  • Please copy/paste the following text into the 'File name:' box:
    C:\Users\MrDyll\AppData\Roaming\BackUp2689935443.exe
  • Click Open then click the Scan it! button just below.
  • This will scan the file. Please be patient.
  • If you get a message saying File already analyzed: click Reanalyse
  • Copy and Paste the link of the result page in your reply.

Edited by deeprybka, 04 December 2015 - 06:46 PM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#15 MrDyll

MrDyll
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 05 December 2015 - 04:55 AM

I don't have a file called BackUp2689935443.exe at all, I searched all directories for it and couldn't find it


Edited by MrDyll, 05 December 2015 - 05:07 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users